[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-developers] Re: OpenSSL patch for Linux worm?
- Subject: Re: [cobalt-developers] Re: OpenSSL patch for Linux worm?
- From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
- Date: Tue Sep 17 16:18:01 2002
- Organization: nobaloney.net
- List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>
Rick Garcia wrote:
> #chmod 0 `which gcc`
>
> Can anyone confirm that this is enough to stop the current SSL worm threat?
This will stop the threat, but at the expense of letting anyone who has
shell access use the gnu c compiler.
However, most of us either don't give people shell access, or if we do,
don't want them to compile programs; for most of us it's a good fix.
One thing to remember; if you do this, then when following instructions
to install software, even though the instructions may say you can run
the "make" command at any user and only need root access for "make
install", you'll need to run "make" (for most installs) as root after
this change is made.
Since once the program is run on your computer you're going to be
attacked you also should block the port the attacks come in on (if
memory serves it's port 2002).
Jeff
--
Jeff Lasman <jblists@xxxxxxxxxxxxx>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net, P. O. Box 52672, Riverside, CA 92517
voice: +1 909 778-9980 * fax: +1 909 548-9484