Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > linux.debian.security > #6216

Re: sysadmin in training

Show all headers | View raw

Michael Lazin <microlaser@gmail.com> writes:

> SInce Ossec HIDS is GNU Public licensed I think this is not a bad idea to
> include this in the documentation.  The referenced article does describe
> securing Debian with open source tools and I honestly have seen this
> documentation for the first time tonight and I think it is very high
> quality. The thing that caught my eye is disabling execution for /tmp.  I

I don't know about the current state, but I did disable execution for /tmp
at some point, only to discover that installing some packages failed because
of this.

Although I don't remember, if it was the package or apt-get/dpkg needing
an executable /tmp.

> managed thousands of Debian servers at one time and I often found hacker
> scripts in ./tmp because of a Wordpress exploit.  This is because /tmp is
> world writable and presumably people who don't know better are unlikely to
> look for bad scripts there.

Back to linux.debian.security | Previous | Next — Previous in thread | Find similar

Thread

sysadmin in training Jeffrey Chimene <jeff@systasis.co> - 2023-05-12 17:40 +0200
  Re: sysadmin in training Jeremy Stanley <fungi@yuggoth.org> - 2023-05-12 18:20 +0200
    Re: sysadmin in training Jeffrey Chimene <jeff@systasis.co> - 2023-05-12 19:10 +0200
      Re: sysadmin in training Jeremy Stanley <fungi@yuggoth.org> - 2023-05-12 19:20 +0200
        Re: sysadmin in training Jeffrey Chimene <jeff@systasis.co> - 2023-05-12 21:40 +0200
          Re: sysadmin in training Michael Lazin <microlaser@gmail.com> - 2023-05-13 03:50 +0200
            Re: sysadmin in training Lupe Christoph <lupe@lupe-christoph.de> - 2023-05-13 04:10 +0200
            Re: sysadmin in training Olaf Dietsche <olaf+list.debian-security@olafdietsche.de> - 2023-05-13 14:40 +0200

csiph-web