On 28/12/06, Voytek Eymont <[EMAIL PROTECTED]> wrote:
what do I need Perl on my server, apart from stuff I've added, like, amavisd or popb4smtp ??
If you had a Debian system then you could tell exactly which package declares dependency on perl. Debian's perl-base package is declared as "Priority: required" and "Essential: yes", in other words you'll have to shoot the Debian system in the head and try to pry perl-base out of its frozen hands if you want to take it out :). as far as I can tell, many/most/some of the infiltrations done through say
CMS vulnerabilities execute like 'perl sometext'
What would prevent an attack vector which includes installing a perl interpreter or a compiled perl program on the attacked server? if I was to rename perl to 'something_totally_different', and, edited
amavis/popb4smtp/whatever to use '#!something_totally_different' what's the downside here, apart from preventing exploits of unpatched CMSs etc??
I suspect you are looking at this in the wrong way - try to contain the CMS systems (e.g. maybe run them under a limited user and chroot or some other segregated environment) instead of trying to identify and hide all potential tools used by holes in the CMS. Good luck, --P -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
