On Thursday, November 8, 2001, at 08:08 , Wichert Akkerman wrote:
Previously Ethan Benson wrote:
sorry i don't leave known security holes wide open on my boxes. only
an idiot does that.
If you think your box does not have currently unknown holes you are
naive :)
Unless its unplugged. But
On Thursday, November 8, 2001, at 08:08 , Wichert Akkerman wrote:
> Previously Ethan Benson wrote:
>> sorry i don't leave known security holes wide open on my boxes. only
>> an idiot does that.
>
> If you think your box does not have currently unknown holes you are
> naive :)
>
Unless its unpl
> "Ethan" == Ethan Benson <[EMAIL PROTECTED]> writes:
Ethan> On Thu, Nov 08, 2001 at 03:32:06PM -0800, Vineet Kumar
Ethan> wrote:
>> Well, on some level, *every* system is vulnerable to
>> scriptkiddies. The worst security flaw is admin hubris; always
>> remember that you
> "Ethan" == Ethan Benson <[EMAIL PROTECTED]> writes:
Ethan> On Thu, Nov 08, 2001 at 03:32:06PM -0800, Vineet Kumar
Ethan> wrote:
>> Well, on some level, *every* system is vulnerable to
>> scriptkiddies. The worst security flaw is admin hubris; always
>> remember that you
On Fri, Nov 09, 2001 at 01:49:54PM +, Tim Haynes wrote:
>
> That's why, the more layers I can throw in someone's face, be it
> firewalling, more than just `defaults' in fstab, running libsafe, the better.
sure useful things like nosuid, and nodev.
noexec is worthless.
as soon as everyone
Ethan Benson <[EMAIL PROTECTED]> writes:
[snip]
> so here is the situation:
>
> i don't leave open holes that script kiddies use with thier skripts only
> a dumbass skript kiddie will be foiled by noexec /tmp skript kiddies will
> be foiled by the fact that my boxes are always up to date and patc
On Fri, Nov 09, 2001 at 01:49:54PM +, Tim Haynes wrote:
>
> That's why, the more layers I can throw in someone's face, be it
> firewalling, more than just `defaults' in fstab, running libsafe, the better.
sure useful things like nosuid, and nodev.
noexec is worthless.
as soon as everyone
Ethan Benson <[EMAIL PROTECTED]> writes:
[snip]
> so here is the situation:
>
> i don't leave open holes that script kiddies use with thier skripts only
> a dumbass skript kiddie will be foiled by noexec /tmp skript kiddies will
> be foiled by the fact that my boxes are always up to date and pat
Previously Ethan Benson wrote:
> why don't you bother to read what i said. script kiddies don't exploit
> unknown holes as you have stated, and what i stated above is i don't
> leave KNOWN PATCHED holes on my boxes, those are what script kiddies
> attack.
Script kiddies can get their hand on 0-day
On Fri, Nov 09, 2001 at 02:08:17AM +0100, Wichert Akkerman wrote:
> Previously Ethan Benson wrote:
> > sorry i don't leave known security holes wide open on my boxes. only
> > an idiot does that.
>
> If you think your box does not have currently unknown holes you are
> naive :)
why don't you bot
Previously Ethan Benson wrote:
> why don't you bother to read what i said. script kiddies don't exploit
> unknown holes as you have stated, and what i stated above is i don't
> leave KNOWN PATCHED holes on my boxes, those are what script kiddies
> attack.
Script kiddies can get their hand on 0-da
On Fri, Nov 09, 2001 at 02:08:17AM +0100, Wichert Akkerman wrote:
> Previously Ethan Benson wrote:
> > sorry i don't leave known security holes wide open on my boxes. only
> > an idiot does that.
>
> If you think your box does not have currently unknown holes you are
> naive :)
why don't you bo
Previously Ethan Benson wrote:
> sorry i don't leave known security holes wide open on my boxes. only
> an idiot does that.
If you think your box does not have currently unknown holes you are
naive :)
Wichert.
--
_
/[EMAIL PROT
On Thu, Nov 08, 2001 at 03:32:06PM -0800, Vineet Kumar wrote:
>
> Well, on some level, *every* system is vulnerable to scriptkiddies. The
> worst security flaw is admin hubris; always remember that you are not
> immune.
sorry i don't leave known security holes wide open on my boxes. only
an idio
Previously Rolf Kutz wrote:
> If you have a linux-fileserver serving binaries for
> linux-workstations, how should it tell?
It won't have any effect then anyway.
Wichert.
--
_
/[EMAIL PROTECTED] This space intentionally
* Quoting Wichert Akkerman ([EMAIL PROTECTED]):
> Previously Rolf Kutz wrote:
> > If you mount partitions of a different OS or
> > machine, whose programs can't or shouldn't be
> > executed.
>
> Any sane OS will gave a sane error when you do that anyway.
If you have a linux-fileserver serving bin
* Ethan Benson ([EMAIL PROTECTED]) [011108 07:56]:
> On Thu, Nov 08, 2001 at 03:43:56PM +0100, Wichert Akkerman wrote:
> > Previously Ethan Benson wrote:
> > > its not, it provides you NO extra security whatsoever, and will break
> > > many many things.
> >
> > It breaks a fair number of scripts t
Previously Ethan Benson wrote:
> sorry i don't leave known security holes wide open on my boxes. only
> an idiot does that.
If you think your box does not have currently unknown holes you are
naive :)
Wichert.
--
_
[EMAIL PROT
On Thu, Nov 08, 2001 at 03:32:06PM -0800, Vineet Kumar wrote:
>
> Well, on some level, *every* system is vulnerable to scriptkiddies. The
> worst security flaw is admin hubris; always remember that you are not
> immune.
sorry i don't leave known security holes wide open on my boxes. only
an idi
Previously Rolf Kutz wrote:
> If you have a linux-fileserver serving binaries for
> linux-workstations, how should it tell?
It won't have any effect then anyway.
Wichert.
--
_
[EMAIL PROTECTED] This space intentionally
* Quoting Wichert Akkerman ([EMAIL PROTECTED]):
> Previously Rolf Kutz wrote:
> > If you mount partitions of a different OS or
> > machine, whose programs can't or shouldn't be
> > executed.
>
> Any sane OS will gave a sane error when you do that anyway.
If you have a linux-fileserver serving bi
* Ethan Benson ([EMAIL PROTECTED]) [011108 07:56]:
> On Thu, Nov 08, 2001 at 03:43:56PM +0100, Wichert Akkerman wrote:
> > Previously Ethan Benson wrote:
> > > its not, it provides you NO extra security whatsoever, and will break
> > > many many things.
> >
> > It breaks a fair number of scripts
Previously Rolf Kutz wrote:
> If you mount partitions of a different OS or
> machine, whose programs can't or shouldn't be
> executed.
Any sane OS will gave a sane error when you do that anyway.
Wichert.
--
_
/[EMAIL PROTECTED]
Previously Rolf Kutz wrote:
> If you mount partitions of a different OS or
> machine, whose programs can't or shouldn't be
> executed.
Any sane OS will gave a sane error when you do that anyway.
Wichert.
--
_
[EMAIL PROTECTED]
On 2001-11-08 16:47 Wichert Akkerman wrote:
Previously Emmanuel Lacour wrote:
EL> What's the use of noexec flag???
WA> Historic thing mostly with very little practical use these days.
At least it's a Good Thing to have around when mounting DOSish floppies
and such to avoid having all files marke
Wichert Akkerman ([EMAIL PROTECTED]) wrote:
> Previously Emmanuel Lacour wrote:
> > What's the use of noexec flag???
>
> Historic thing mostly with very little practical use these days.
man mount
- Rolf
Emmanuel Lacour ([EMAIL PROTECTED]) wrote:
> What's the use of noexec flag???
If you mount partitions of a different OS or
machine, whose programs can't or shouldn't be
executed.
- Rolf
On 2001-11-08 16:47 Wichert Akkerman wrote:
Previously Emmanuel Lacour wrote:
EL> What's the use of noexec flag???
WA> Historic thing mostly with very little practical use these days.
At least it's a Good Thing to have around when mounting DOSish floppies
and such to avoid having all files mark
Previously Ethan Benson wrote:
> 1: if your system is vulnerable to script kiddies then admin needs to
>be taken out back and beaten with a large LART.
Sure, but I don't mind having a hopefully completely redundant extra
layer in there.
> 2: if the script kiddie even has 2 tenths of a percent
On Thu, Nov 08, 2001 at 03:43:56PM +0100, Wichert Akkerman wrote:
> Previously Ethan Benson wrote:
> > its not, it provides you NO extra security whatsoever, and will break
> > many many things.
>
> It breaks a fair number of scripts that script-kiddies use, and as
> such it is somewhat useful.
1
Previously Emmanuel Lacour wrote:
> What's the use of noexec flag???
Historic thing mostly with very little practical use these days.
Wichert.
--
_
/[EMAIL PROTECTED] This space intentionally left occupied \
| [EMAIL PRO
Ok, thanks for all the comments, I remember have been seen that we could
run a program in a noexec partition like you said. So I will continue
without noexec (and do more stuff on more usefull security tricks). Just
one question:
What's the use of noexec flag???
--
Easter-eggs
Wichert Akkerman <[EMAIL PROTECTED]> writes:
> Previously Ethan Benson wrote:
> > its not, it provides you NO extra security whatsoever, and will break
> > many many things.
>
> It breaks a fair number of scripts that script-kiddies use, and as
> such it is somewhat useful.
. FWIW it'll also bre
Wichert Akkerman ([EMAIL PROTECTED]) wrote:
> Previously Emmanuel Lacour wrote:
> > What's the use of noexec flag???
>
> Historic thing mostly with very little practical use these days.
man mount
- Rolf
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble?
Emmanuel Lacour ([EMAIL PROTECTED]) wrote:
> What's the use of noexec flag???
If you mount partitions of a different OS or
machine, whose programs can't or shouldn't be
executed.
- Rolf
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PRO
Previously Ethan Benson wrote:
> its not, it provides you NO extra security whatsoever, and will break
> many many things.
It breaks a fair number of scripts that script-kiddies use, and as
such it is somewhat useful.
Wichert.
--
___
On Thu, Nov 08, 2001 at 03:13:05PM +0100, Emmanuel Lacour wrote:
> Hi,
>
> I've got an ix86 with woody installed today, made a separate partition
> for /tmp and mounted it noexec (I thinks it's a good Idea...).
its not, it provides you NO extra security whatsoever, and will break
many many things
Previously Emmanuel Lacour wrote:
> Is this due to debconf or to the scripts preinst from ntpdate??
You hit bug# 116448 (see http://bugs.debian.org/116448)
Wichert.
--
_
/[EMAIL PROTECTED] This space intentionally left
Previously Ethan Benson wrote:
> 1: if your system is vulnerable to script kiddies then admin needs to
>be taken out back and beaten with a large LART.
Sure, but I don't mind having a hopefully completely redundant extra
layer in there.
> 2: if the script kiddie even has 2 tenths of a percen
Hi,
I've got an ix86 with woody installed today, made a separate partition
for /tmp and mounted it noexec (I thinks it's a good Idea...).
When apt-get installing ntpdate, I got the folowing error:
Can't exec "/tmp/config.4271": Permission denied at
/usr/share/perl/5.6.1/IPC/Open3.pm line 159
...
On Thu, Nov 08, 2001 at 03:43:56PM +0100, Wichert Akkerman wrote:
> Previously Ethan Benson wrote:
> > its not, it provides you NO extra security whatsoever, and will break
> > many many things.
>
> It breaks a fair number of scripts that script-kiddies use, and as
> such it is somewhat useful.
Previously Emmanuel Lacour wrote:
> What's the use of noexec flag???
Historic thing mostly with very little practical use these days.
Wichert.
--
_
[EMAIL PROTECTED] This space intentionally left occupied \
| [EMAIL PRO
Ok, thanks for all the comments, I remember have been seen that we could
run a program in a noexec partition like you said. So I will continue
without noexec (and do more stuff on more usefull security tricks). Just
one question:
What's the use of noexec flag???
--
Easter-eggs
Wichert Akkerman <[EMAIL PROTECTED]> writes:
> Previously Ethan Benson wrote:
> > its not, it provides you NO extra security whatsoever, and will break
> > many many things.
>
> It breaks a fair number of scripts that script-kiddies use, and as
> such it is somewhat useful.
. FWIW it'll also br
Previously Ethan Benson wrote:
> its not, it provides you NO extra security whatsoever, and will break
> many many things.
It breaks a fair number of scripts that script-kiddies use, and as
such it is somewhat useful.
Wichert.
--
__
On Thu, Nov 08, 2001 at 03:13:05PM +0100, Emmanuel Lacour wrote:
> Hi,
>
> I've got an ix86 with woody installed today, made a separate partition
> for /tmp and mounted it noexec (I thinks it's a good Idea...).
its not, it provides you NO extra security whatsoever, and will break
many many thing
Previously Emmanuel Lacour wrote:
> Is this due to debconf or to the scripts preinst from ntpdate??
You hit bug# 116448 (see http://bugs.debian.org/116448)
Wichert.
--
_
[EMAIL PROTECTED] This space intentionally left
Hi,
I've got an ix86 with woody installed today, made a separate partition
for /tmp and mounted it noexec (I thinks it's a good Idea...).
When apt-get installing ntpdate, I got the folowing error:
Can't exec "/tmp/config.4271": Permission denied at
/usr/share/perl/5.6.1/IPC/Open3.pm line 159
..
48 matches
Mail list logo