[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-developers] Re: OpenSSL patch for Linux worm?
- Subject: Re: [cobalt-developers] Re: OpenSSL patch for Linux worm?
- From: "Rick Garcia" <rick@xxxxxxxxxxxxxx>
- Date: Mon Sep 16 15:24:02 2002
- List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>
#chmod 0 `which gcc`
Can anyone confirm that this is enough to stop the current SSL worm threat?
Rick
----- Original Message -----
From: "Oleg Volkov" <voleg@xxxxxxxxxxxx>
To: <cobalt-developers@xxxxxxxxxxxxxxx>
Sent: Monday, September 16, 2002 1:10 PM
Subject: Re: [cobalt-developers] Re: OpenSSL patch for Linux worm?
> > Hi,
> >
> > there is a temporary solution for this worm : run
> >
> > chmod 700 /usr/bin/gcc
> >
> > as root. The worm needs to be able to compile in order to execute.
> > Disabling the execution permissions for the httpd user will prevent
> > this, therefore prevent the worm from executing. It's nothing
> > permanent of course, since no one will be able to compile apart from
> > root...
> >
> > Wouter van Reeven
>
> I don't remember at which Cobalt which httpd
> run as root. So a preferrable solution is
> # chmod 0 `which gcc`
>
> Disabling run-time gcc closes door for every future worm
> supposed to be compiled on target machine.
>
> There is a best solution I can think about.
>
> --
> Oleg Volkov
> System Administrator
> SHUNRA Software Ltd.
> http://www.shunra.com
>
> +972-9-7643743/93121(w)
> +972-51-601914(m)
>
> _______________________________________________
> cobalt-developers mailing list
> cobalt-developers@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-developers
>