Re: coupe things RedHat does well and Debian should too
Ethan Benson writes:
> bindshell?
> or do you mean games like detached screen sessions and suidperl?
Like that. Listen on a high port, spawn a shell when the *cough* l33t
h4x0r connects and gives a password. No, i didn't just make up the
name. But you bring up two more good reasons why 'nosuid' should not
be considered a cure-all.
I fired off that last mail before I had time to wonder: why are we
talking about suid executables anyway? I thought this module chowned
the devices or something similar... *shrug*
--
There is no TRUTH. There is no REALITY. There is no CONSISTENCY. There
are no ABSOLUTE STATEMENTS. I'm very probably wrong. -- BSD fortune(6)
Reply to: