INRE Re: [cobalt-security] RE: The nasty RaQ hack...: > >�You might want to chmod 700 gcc for a bit of extra security -that > >�RaQFuCk.sh script (or was it the SSL exploit) needs to get hold of gcc to > >�do it's thing. > > Yup, that's a neat idea. �Many UNIX exploits/worms rely on the C > compiler, so closing access to it will thwart them. �I guess I'd add it > to my "quick security guide"...
Just from my "personal" point of view, I chmod 444 the gcc program since any exploit that gets "root" level would still have access to gcc under mode 700. Under mode 444 is it not "executable" and therefore won't work for anyone without changing the mode first, but then again I am "paranoid" (see hosts.allow.conf) -- Larry Smith SysAd ECSIS.NET [EMAIL PROTECTED] _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
