Re: (c 5.6) Running 2 versions of Apache ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Mon, Aug 29, 2011 at 4:57 PM, Corey Henderson <corman@xxxxxxxxxxxxx> wrote:
>> You  can avoid a lot of the problems by making sure
>> that apache can't write anywhere that is mounted with execute
>> capability.
>>
>
> Or install a security module to do that for you. One that I've written
> that is nearing the end of its beta:
>
> https://github.com/cormander/tpe-lkm
>
> In some cases, you can even tell it to let apache not exec anything at
> all, if you're not running cgi scripts or bytecode php deployments (zend,
> etc).
>

Would it have blocked this widely known/used vulnerability?
http://seclists.org/fulldisclosure/2010/Oct/257

-- 
  Les Mikesell
   lesmikesell@xxxxxxxxx
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux