From owner-freebsd-security Sat Aug 29 07:06:16 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id HAA28875 for freebsd-security-outgoing; Sat, 29 Aug 1998 07:06:16 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from phluffy.lm.com (phluffy.lm.com [204.171.44.47]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA28862 for ; Sat, 29 Aug 1998 07:06:12 -0700 (PDT) (envelope-from myke@ees.com) Received: from localhost (myke@localhost) by phluffy.lm.com (8.9.0/8.8.8) with SMTP id KAA11468; Sat, 29 Aug 1998 10:01:25 -0400 (EDT) (envelope-from myke@ees.com) Date: Sat, 29 Aug 1998 10:01:25 -0400 (EDT) From: Mike Holling X-Sender: myke@phluffy.lm.com To: Andrew McNaughton cc: "Matthew D. Fuller" , "Jan B. Koum " , scex , "Jeffrey J. Mountin" , security@FreeBSD.ORG Subject: Re: Shell history In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > On Fri, Aug 28, 1998 at 10:42:52PM -0700, Jan B. Koum woke me up to tell me: > > > Hmm.. you are right, but what will stop an attacker who has > > > freebsd box or has access to one to download the binary? > > > > mount -u -o noexec /home? > > (and /tmp, of course) > > Does this stop an attacker doing something like loading a file as a > library from perl, using code on stdin? A sufficiently skilled attacker will probably always be able to get root once they have shell access on a box. The key is to prevent them from getting to that point in the first place. - Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message