[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-developers] Re: OpenSSL patch for Linux worm?
- Subject: Re: [cobalt-developers] Re: OpenSSL patch for Linux worm?
- From: Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon Sep 16 14:12:00 2002
- Organization: Front Street Networks LLC
- List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>
On Monday 16 September 2002 04:10 pm, Oleg Volkov wrote:
> > Hi,
> >
> > there is a temporary solution for this worm : run
> >
> > chmod 700 /usr/bin/gcc
> >
> > as root. The worm needs to be able to compile in order to execute.
> > Disabling the execution permissions for the httpd user will prevent
> > this, therefore prevent the worm from executing. It's nothing
> > permanent of course, since no one will be able to compile apart from
> > root...
> >
> > Wouter van Reeven
>
> I don't remember at which Cobalt which httpd
> run as root. So a preferrable solution is
> # chmod 0 `which gcc`
>
> Disabling run-time gcc closes door for every future worm
> supposed to be compiled on target machine.
>
> There is a best solution I can think about.
I do chmod -x /usr/bin/gcc
then when I need to use it.
chmod +x /usr/bin/gcc
--
Gerald
http://frontstreetnetworks.com http://raqware.com
Front Street Networks LLC Phone: +1 203 785 0699
229 Front Street, Ste. C, New Haven CT 06513-3203