Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Full-Disclosure] Re: New Santy-Worm attacks *all* PHP-skripts
From: Raistlin (raistlingioco.net)
Date: Sun Dec 26 2004 - 05:48:18 CST
Paul Laudanski wrote:
> For this particular strain it would certainly help, but that is why there
> exists new variations.
Of course - it's no solution.
> Certainly doing it to /tmp, /usr/tmp, /var/tmp
> could help, but it isn't 100% foolproof, and some don't even consider it
Just a bit of hardening :)
> Then again, you can always disable the functions in php.ini for exec and
> system for instance to help stave off other similar attacks.
That's implicit in safe_mode, AFAIK !
Stefano "Raistlin" Zanero
System Administrator Gioco.Net
public PGP key block at http://gioco.net/pgpkeys
Full-Disclosure - We believe in it.