Mounting filesystems with "noexec"
Borja Marcos
borjamar at sarenet.es
Thu Sep 22 04:40:37 PDT 2005
> As long as you can disable/limit the logging. One very nasty
> "attack" would be
> to loop trying to run a binary. Blow your logging partition.
> Somebody could
> then use that to do other things that would normally be logged,
> safe in the
> knowledge that their activities wouldn't be logged.
>
> I've seen systems brought to their knees by similar well
> intentioned logging
> activities. It's not pretty :)
That's out of the question, of course :)
A sysctl could control it. Anyway, the same can happen with
zillions of logged events.
Borja.
More information about the freebsd-security
mailing list