From owner-freebsd-security  Sat Aug 29 00:27:17 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id AAA25599
          for freebsd-security-outgoing; Sat, 29 Aug 1998 00:27:17 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from aniwa.sky (aniwa.actrix.gen.nz [203.96.56.186])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA25587
          for <security@FreeBSD.ORG>; Sat, 29 Aug 1998 00:27:09 -0700 (PDT)
          (envelope-from andrew@squiz.co.nz)
Received: from localhost (andrew@localhost)
	by aniwa.sky (8.8.7/8.8.7) with SMTP id TAA05027;
	Sat, 29 Aug 1998 19:24:00 +1200 (NZST)
	(envelope-from andrew@squiz.co.nz)
Date: Sat, 29 Aug 1998 19:23:59 +1200 (NZST)
From: Andrew McNaughton <andrew@squiz.co.nz>
X-Sender: andrew@aniwa.sky
Reply-To: andrew@squiz.co.nz
To: "Matthew D. Fuller" <fullermd@futuresouth.com>
cc: "Jan B. Koum " <jkb@best.com>, scex <scex@dqc.org>,
        "Jeffrey J. Mountin" <jeff-ml@mountin.net>, security@FreeBSD.ORG
Subject: Re: Shell history
In-Reply-To: <19980829012245.54585@futuresouth.com>
Message-ID: <Pine.BSF.3.96.980829191526.6282G-100000@aniwa.sky>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Sat, 29 Aug 1998, Matthew D. Fuller wrote:

> On Fri, Aug 28, 1998 at 10:42:52PM -0700, Jan B. Koum  woke me up to tell me:
> > 	Hmm.. you are right, but what will stop an attacker who has
> > freebsd box or has access to one to download the binary?
> 
> mount -u -o noexec /home?
> (and /tmp, of course)

Does this stop an attacker doing something like loading a file as a
library from perl, using code on stdin?

ANdrew




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message