lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <41CEA502.9060004@gioco.net>
Date: Sun, 26 Dec 2004 12:48:18 +0100
From: Raistlin <raistlin@...co.net>
To: Paul Laudanski <zx@...tlecops.com>
Cc: Juergen Schmidt <ju@...sec.de>, bugtraq@...urityfocus.com,
        full-disclosure@...ts.netsys.com
Subject: Re: Re: New Santy-Worm attacks *all* PHP-skripts


Paul Laudanski wrote:

> For this particular strain it would certainly help, but that is why there 
> exists new variations.  

Of course - it's no solution.

> Certainly doing it to /tmp, /usr/tmp, /var/tmp 
> could help, but it isn't 100% foolproof, and some don't even consider it 
> security.

Just a bit of hardening :)

> Then again, you can always disable the functions in php.ini for exec and 
> system for instance to help stave off other similar attacks.

That's implicit in safe_mode, AFAIK !

-- 
Stefano "Raistlin" Zanero
System Administrator Gioco.Net
public PGP key block at http://gioco.net/pgpkeys
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ