Hello,
Many security exploits create files in the /tmp directory
and execute them. I think it would be a good idea to add logging
to the to exec_check_permissions() in kern.exec.c so that attempts
to run files from a filesystem mounted as "noexec" can be detected.
With this measeure, and mounting /tmp as "noexec" some
generic hostile acts (wow, how does it sound! :-) ) could be
detected.
Regards,
Borja.
--
***********************************************************************
Borja Marcos * Internet: [EMAIL PROTECTED]
Alangoeta, 11 1 izq * [EMAIL PROTECTED]
48990 - Algorta (Vizcaya) * [EMAIL PROTECTED]
SPAIN * CompuServe: 100015,3502
***********************************************************************
--- FreeBSD, turning PCs into workstations
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
