> From: [email protected] [mailto:discuss- > [email protected]] On Behalf Of Derek Martin > > 1. An attacker of your site is able to exploit a vulnerability to > upload a custom malicous loadable module for your managed service, > but can not otherwise gain access to a shell or the filesystem. > > 2. The same attacker is also able to exploit a separate bug to cause > the server to crash.
You receive notification that your production server is down, and your customers are being unserved and your business is losing $10k per minute. Are you going to checksum all of your system binaries before starting the service manually? Of course nothing is foolproof, but the above scenario is what selinux & apparmor & ilk are designed for. Identify and prevent processes that behave inconsistently with their normal programming. _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
