[Wolves] Linux viruses

Simon Burke simon.burke at gmail.com
Wed Dec 8 09:59:49 GMT 2004


On Wed, 08 Dec 2004 08:41:34 +0000, David Goodwin <dg at clocksoft.com> wrote:

> 
> Some sysadmin type howto's recommend doing this for e.g. /var;
> unfortunately I don't think people are strict enough in where binaries
> go for this to be totally practical, so might require a bit of
> experimentation. /tmp would be another good candidate.
> 
> Then again you could also make /usr read only etc.
> 
This is pretty much what i do, but its getting harder to do it now.
Even instaliing linux requires exec to var (e.g. ubuntu).
I tend to noexec /var and /home and mount /tmp to a ram disk. I havnt
had any problems yet running like this.

-- 
Theres no place like ::1

Thanks,
SimonB



More information about the Wolves mailing list