Russell Coker <[EMAIL PROTECTED]> writes: >> Ok, then we have one ftp Server. :) >> Do you have an SE Enhanced FTP Server ? :) > I have a policy for ftp servers that is quite restrictive. We could > intentionally install an old FTP server with a security hole if you >> like. ;)
Och. No. :) install muddleftpd :) > Someone who breaks it will only be able to run "ls" and can't write to any > file. The only raised priviledge level of the FTP server is the ability to > log to syslog. Hmm, muddleftpd is out then. It has its own logging :) > One of my future plans is to write some sample exploitable programs and > exploit programs for them, then I can demonstrate how such programs allow > root exploits on unprotected systems but don't allow anything on SE systems. Hmm, sounds nice. This Linuxtag has a very good site: I get a full configured Debian SE System. (And i kill you if you rm -rf / that on 9. Juni ! ) :)) -- begin OjE-ist-scheisse.txt bye, Joerg Registered Linux User #97793 @ http://counter.li.org end -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
