On Sat, 12 Jul 2003 at 09:34:16PM -0400, Noah L. Meyerhans wrote: > Basically, what it comes down to is that you *can not* prevent files > from being executed. Even if you remove the execute bits from /tmp/ls > in the above example, you'll still be able to run it.
I believe grsecurity ACLs will prevent /tmp from being loaded by ld-linux... -- Phillip Hofmeister PGP/GPG Key: http://www.zionlth.org/~plhofmei/ wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import -- Excuse #220: Telecommunications is upgrading.
pgpFot3Jw8hbv.pgp
Description: PGP signature
