Security Basics mailing list archives
Re: cron exploit?
From: "Steve Bremer" <steveb () nebcoinc com>
Date: Wed, 01 Oct 2003 17:05:05 -0500
so all those nice little local buffer and heap overflows (and other potential privilege escalation ilk) are less dangerous than they would otherwise be.
Have you also considered trying the grsecurity kernel patch? I've found it to be quite stable in my testing as long as you don't chose the experimental options (e.g. KERNEXEC). It provides some protection against stack and heap overflows, return into libc exploits, and temporary file handling issues. It actually has a complete MAC system built in if you want to use it. There are also a bunch of other protection enhancing features available that I won't go into here. I recommend grsecurity for boxes that have local users since it provides a lot additional protections if you can afford the small performance hit. www.grsecurity.org Steve Bremer NEBCO, Inc. System & Security Administrator --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Re: cron exploit? Steve Bremer (Oct 01)