Re: [Full-Disclosure] Another IE trick (Re: IE sucks : sun java virtual machine insecure tmp file creation)
From: Eric Paynter <eric@arcticbears.com>
Date: Fri Jul 09 2004 - 12:26:23 EDT
Date: Fri Jul 09 2004 - 12:26:23 EDT
On Fri, July 9, 2004 7:43 am, http-equiv@excite.com said:
> There are lots of little .tmp files generated and accessible
> remotely to be had, Adobe *.pdf's and a vast array of Microsoft
> Office 2003 crud to name just two. Many others which have been
> identified and discussed in the past as well.
I think:
mount /dev/xxxx /tmp -o noexec
would reduce the risk significantly. Can you do something equivalent in
Windows?
-Eric
-- arctic bears - affordable custom email and name services http://www.arcticbears.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.htmlReceived on Fri Jul 09 12:56:16 2004
This archive was generated by hypermail 2.1.8 : Fri Jul 09 2004 - 13:02:59 EDT
Custom Search
