[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-developers] Re: OpenSSL patch for Linux worm?

Subject: Re: [cobalt-developers] Re: OpenSSL patch for Linux worm?
From: Gerrit Rüsing <gerrit@xxxxxxxxxxxx>
Date: Mon Sep 16 02:39:01 2002
List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>

Hi,

based on mod_ssl HOWTOs and documentations I believed that mod_sslmakes use

of the openSSL engine in /usr/sbin/.
Therefore I compiled the new version for this.
Am I save now?

- Gerrit

On Montag, Sep 16, 2002, at 11:16 Europe/Berlin, Wouter van Reevenwrote:

Hi,


there is a temporary solution for this worm : run

chmod 700 /usr/bin/gcc
as root. The worm needs to be able to compile in order to execute.Disabling the execution permissions for the httpd user will preventthis, therefore prevent the worm from executing. It's nothingpermanent of course, since no one will be able to compile apart fromroot...
Wouter van Reeven

Follow-Ups:
- Re: [cobalt-developers] Re: OpenSSL patch for Linux worm?
  - From: Gerald Waugh

References:
- Re: [cobalt-developers] Re: OpenSSL patch for Linux worm?
  - From: Wouter van Reeven

Prev by Date: Re: [cobalt-developers] Re: OpenSSL patch for Linux worm?
Next by Date: RE: [cobalt-developers] Re: OpenSSL patch for Linux worm?
Previous by thread: Re: [cobalt-developers] Re: OpenSSL patch for Linux worm?
Next by thread: Re: [cobalt-developers] Re: OpenSSL patch for Linux worm?

Sun Cobalt Developers Message Index

Sun Cobalt Developers Thread Index