Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: First patch :)
From: peter () ATTIC VUURWERK NL (Peter van Dijk)
Date: Sat, 30 May 1998 13:24:19 +0200


On Sat, 30 May 1998, Chris Evans wrote:

Hi,

The "ruid" idea and prevent exec/fork of suid programs, is a nice idea but
is really security through obscurity.
[snip]
syscall chmod 666 /etc/passwd
You got a point there, but there are two things to remember:
- no system is secure... anything that helps, helps.
- it _will_ stop script kiddies, as most exploits seem to be based on
'standard shellcode by Aleph One'.
And stopping script kiddies is a _big_ part of the job. Most of the
systems I've seen hacked where hacked with your average rootshell exploit.

Greetz, Peter.

---------------------------------------------------------------------------
 'Selfishness and separation have led me to   .   Peter 'Hardbeat' van Dijk
  to believe that the world is not my problem . network security consultant
  I am the world. And you are the world.'     .            (yeah, right...)
          Live - 10.000 years (peace is now)  .     peter () attic vuurwerk nl
---------------------------------------------------------------------------
  1:22pm  up 4 days, 20:48,  3 users,  load average: 1.40, 0.72, 0.30
---------------------------------------------------------------------------



  By Date           By Thread  

Current thread:
  • Re: First patch :) Peter van Dijk (May 30)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault