On Sun, 29 Jun 2003 17:12, Jason Lim wrote: > The box is a very recently updated "stable" box... virtually every other > date apt-get is update/upgrade. > > The box is setup very secure... the usual things were done... like > ensuring no unused services are running and things like that. > > So does that mean "stable" is actually vulnerable to something we all > don't know about???
That could be the case. Or it could be some issue of your configuration. Maybe you have Apache set to run customer cgi-bin scripts under the same UID and a customer uploaded an insecure or hostile cgi-bin script. Have you considered using SE Linux? -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page
