[svlug] security

[Mark Willey]

In message <Pine.LNX.3.96.981014103319.1821A-100000 at maxx.foo.net>, Bevan Schroe
der writes:
>On Wed, 14 Oct 1998, Jonathan Sergent wrote:
>Or you can keep all your games and install the patch (saw it on phrack a
>while ago) that turns the execute flag off in your stacks.  Makes buffer
>overflows a lot harder.
>(Or chmod o-a them and make a 'games' group of security-minded users only)

I applied this patch to fix the holes in the games:

rm -rf games

Worked great!

BTW, regarding RPM...  not everything is installed with RPM.  Or the
database may have been hacked.  "find" seemed pretty safe, and it works on
all systems, not just Red Hat.  The point is that you choose a file such as
/vmlinuz which presumably changed a bit after you installed the binaries.
If it has been touched (why?) then choose another or use another option of
find that specifies "last 30 days", etc...

Mark


--
echo "unsubscribe svlug" | mail majordomo at svlug.org
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ to unsubscribe