From: Russell King <rmk@arm.linux.org.uk>
To: Jesse Pollard <jesse@cats-chateau.net>
Cc: linux-kernel@vger.kernel.org
Subject: Re: Disturbing news..
Date: Wed, 28 Mar 2001 14:00:57 +0100 [thread overview]
Message-ID: <20010328140057.A6867@flint.arm.linux.org.uk> (raw)
In-Reply-To: <01032806093901.11349@tabby>; from jesse@cats-chateau.net on Wed, Mar 28, 2001 at 06:08:15AM -0600
On Wed, Mar 28, 2001 at 06:08:15AM -0600, Jesse Pollard wrote:
> Sure - very simple. If the execute bit is set on a file, don't allow
> ANY write to the file. This does modify the permission bits slightly
> but I don't think it is an unreasonable thing to have.
Even easier method - remove the write permission bits from all executable
files, and don't do the unsafe thing of running email/web browsers/other
user-type stuff as user root.
If it still worries you that root can write to files without the 'w' bit
set, modify the capabilities of the system to prevent it (there is a bit
that can be set which will remove this ability for all new processes).
--
Russell King (rmk@arm.linux.org.uk) The developer of ARM Linux
http://www.arm.linux.org.uk/personal/aboutme.html
next prev parent reply other threads:[~2001-03-28 13:02 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-03-27 21:29 [PATCH] mm/memory.c, 2.4.1 : memory leak with swap cache (updated) Richard Jerrell
2001-03-27 21:18 ` Rik van Riel
2001-03-27 23:10 ` Richard Jerrell
2001-03-27 22:57 ` Rik van Riel
2001-03-28 0:53 ` Ideas for the oom problem james
2001-03-28 0:52 ` Rik van Riel
2001-03-28 1:14 ` Doug Ledford
2001-03-28 3:21 ` Rik van Riel
2001-03-28 3:41 ` Doug Ledford
2001-03-28 3:53 ` Rik van Riel
2001-03-28 1:39 ` james
2001-03-28 5:52 ` Jonathan Morton
2001-03-28 6:16 ` Disturbing news Shawn Starr
2001-03-28 6:33 ` Disturbing news.. Idea Shawn Starr
2001-04-21 0:43 ` Serious Latency problems : 2.4.4-pre5 Shawn Starr
2001-03-28 7:19 ` Disturbing news Matti Aarnio
2001-03-28 7:27 ` Shawn Starr
2001-03-28 12:08 ` Jesse Pollard
2001-03-28 5:50 ` Ben Ford
2001-03-28 12:50 ` Walter Hofmann
2001-03-28 14:04 ` Simon Williams
2001-03-28 15:04 ` Olivier Galibert
2001-03-28 15:49 ` Simon Williams
2001-03-28 11:57 ` Ben Ford
2001-03-29 8:02 ` Helge Hafting
2001-03-28 17:51 ` Olivier Galibert
2001-03-28 12:53 ` Keith Owens
2001-03-28 13:00 ` Russell King [this message]
2001-03-28 14:10 ` Sean Hunter
2001-03-28 15:36 ` john slee
2001-03-28 16:18 ` Jonathan Lundell
2001-04-02 23:10 ` Dr. Kelsey Hudson
2001-03-28 17:29 ` Horst von Brand
2001-03-28 10:00 ` Helge Hafting
2001-03-28 13:25 ` Alexander Viro
2001-03-28 14:32 ` Romano Giannetti
2001-03-28 14:57 ` Bill Rugolsky Jr.
2001-03-28 14:57 ` Alexander Viro
2001-03-28 16:14 ` Romano Giannetti
2001-03-28 14:38 ` Ideas for the oom problem Hacksaw
2001-03-28 15:56 ` Andreas Rogge
2001-03-28 23:33 ` Hacksaw
2001-03-28 23:47 ` Tim Haynes
2001-03-29 0:12 ` Hacksaw
2001-03-27 21:51 ` [PATCH] mm/memory.c, 2.4.1 : memory leak with swap cache (updated) Linus Torvalds
-- strict thread matches above, loose matches on Subject: below --
2001-03-28 14:15 Disturbing news Jesse Pollard
2001-03-28 14:53 ` Russell King
2001-03-28 14:40 Jesse Pollard
2001-03-28 15:08 ` Russell King
2001-03-29 12:05 ` Walter Hofmann
2001-03-28 14:43 Jesse Pollard
2001-03-28 15:31 Jesse Pollard
2001-03-28 15:43 Jesse Pollard
2001-03-28 15:51 Jesse Pollard
2001-03-28 15:54 ` rmk
2001-03-28 21:19 ` Gerhard Mack
2001-03-29 17:10 Jesse Pollard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20010328140057.A6867@flint.arm.linux.org.uk \
--to=rmk@arm.linux.org.uk \
--cc=jesse@cats-chateau.net \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox