Date: Sun, 07 Nov 1999 03:53:50 +0900
From: "Daniel C. Sobral" <dcs@newsguy.com>
To: Borja Marcos <borjam@we.lc.ehu.es>
Cc: hackers@FreeBSD.ORG
Subject: Re: exec() security enhancement
Message-ID: <3824793E.CF39EF0B@newsguy.com>
References: <199910302232.AAA16912@sirius.we.lc.ehu.es>

Borja Marcos wrote:
>
> Hello,
>
> Many security exploits create files in the /tmp directory
> and execute them. I think it would be a good idea to add logging
> to exec_check_permissions() in kern.exec.c so that attempts
> to run files from a filesystem mounted as "noexec" can be detected.
>
> With this measure, and mounting /tmp as "noexec" some
> generic hostile acts (wow, how does it sound! :-) ) could be
> detected.

[and, as you said, the same goes for nosuid -- and for nodev too]

This doesn't enhance security. It enhances auditability. I like this.
Add a syslog, and a sysctl to turn it on or off. It seems
straight-forward and light-weight. Send the patches. :-)

--
Daniel C. Sobral (8-DCS)
dcs@newsguy.com
dcs@freebsd.org

What y'all wanna do?
Wanna be hackers? Code crackers? Slackers
Wastin' time with all the chatroom yakkers?
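
Added example, not part of the original message or of FreeBSD: the logging discussed above only fires where the restrictive mount flags are actually set, so this check reports which of noexec, nosuid and nodev are missing on the filesystem holding a given temporary directory. The mount table is a constructed sample in the format printed by mount(8); the function names and device names are assumptions.

```python
import re

# Constructed sample in the format printed by FreeBSD's mount(8);
# it is not taken from the original message.
SAMPLE_MOUNT_OUTPUT = """\
/dev/da0s1a on / (ufs, local)
/dev/da0s1e on /tmp (ufs, local, noexec, nosuid)
/dev/da0s1f on /usr (ufs, local, soft-updates)
/dev/da0s1g on /var/tmp (ufs, local, nosuid, nodev)
procfs on /proc (procfs, local)
"""

MOUNT_LINE = re.compile(r"^(?P<dev>\S+) on (?P<mnt>.+) \((?P<opts>[^()]*)\)$")
WANTED = ("noexec", "nosuid", "nodev")  # the three flags named in the thread


def parse_mounts(text):
    """Return {mount point: set of options} from mount(8)-style output."""
    mounts = {}
    for line in text.splitlines():
        m = MOUNT_LINE.match(line.strip())
        if m:
            mounts[m.group("mnt")] = {o.strip() for o in m.group("opts").split(",")}
    return mounts


def covering_mount(path, mounts):
    """Longest mount point that is a path prefix of `path`."""
    best = None
    for mnt in mounts:
        prefix = mnt.rstrip("/") + "/"
        if path == mnt or path.startswith(prefix):
            if best is None or len(mnt) > len(best):
                best = mnt
    return best


def missing_flags(path, mounts, wanted=WANTED):
    """Flags from `wanted` that the filesystem holding `path` lacks."""
    mnt = covering_mount(path, mounts)
    if mnt is None:
        raise ValueError(f"no mount point covers {path!r}")
    return [f for f in wanted if f not in mounts[mnt]]


if __name__ == "__main__":
    table = parse_mounts(SAMPLE_MOUNT_OUTPUT)
    for d in ("/tmp", "/var/tmp", "/usr/tmp"):
        print(d, "on", covering_mount(d, table), "missing:", missing_flags(d, table) or "none")
```

A directory such as /usr/tmp that is not its own mount point inherits the flags of the filesystem above it, which is why the check resolves the covering mount first.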