Beefy Boxes and Bandwidth Generously Provided by pair Networks
There's more than one way to do things
 
PerlMonks  

Re: Re: Re: Re: Security Uploading Files

by beth (Scribe)
on May 26, 2004 at 18:04 UTC ( [id://356672]=note: print w/replies, xml ) Need Help??


in reply to Re: Re: Re: Security Uploading Files
in thread Security Uploading Files

While you're doing that, mount the partition with noexec: 
              noexec Do not allow execution of  any  binaries  on
                     the  mounted file system.  This option might
                     be useful for a server that has file systems
                     containing  binaries for architectures other
                     than its own.
Also good for parititions that are writable by untrusted users. It was suggested to me recently that the whole web root should be on a noexec partition, with cgi's symlinked from /usr/lib (or, presumably, other trusted partitions).

--
eval pack("H*", "7072696e74207061636b2822482a222c202236613631373036382229");
# japh or forkbomb? You decide!
  • Comment on Re: Re: Re: Re: Security Uploading Files

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://356672]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others learning in the Monastery: (6)
As of 2024-04-20 02:30 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found