Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Some Linux Distros Found Vulnerable By Default

Chuck Bucket default settings (541 comments)

This all comes down to default settings in a distro; what will be the least burdensome setting without compromising too much security. With Gentoo things are made a bit more secure. As an example users aren't automatically added to the wheel group, so I think this issue is in line with that. Additionally, I'm running gentoo-2.4.28-hardened-r4 kernel, is there a setting within the kernel that would prevent this? I see CONFIG_BSD_PROCESS_ACCT which I do not have set, but is that all that would be needed, or is /etc/security/limits.conf the proper place to set this? (just trying to figure out if my server is vuln w/o trying it and crashing my server first).

I for one am glad this is out now, instead of after an exploit is out using it! I'm checking my Linux and FreeBSD servers at home tonight.

CB

more than 9 years ago

Submissions

Chuck Bucket hasn't submitted any stories.

Journals

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>