There's more than one way to do things | |
PerlMonks |
Re: Re: Re: Re: Security Uploading Filesby beth (Scribe) |
on May 26, 2004 at 18:04 UTC ( [id://356672]=note: print w/replies, xml ) | Need Help?? |
While you're doing that, mount the partition with noexec:
noexec Do not allow execution of any binaries on the mounted file system. This option might be useful for a server that has file systems containing binaries for architectures other than its own.Also good for parititions that are writable by untrusted users. It was suggested to me recently that the whole web root should be on a noexec partition, with cgi's symlinked from /usr/lib (or, presumably, other trusted partitions). -- eval pack("H*", "7072696e74207061636b2822482a222c202236613631373036382229"); # japh or forkbomb? You decide!
In Section
Seekers of Perl Wisdom
|
|