Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
otterley
3 days ago
|
parent
|
context
|
favorite
| on:
Shai-Hulud compromised a dev machine and raided Gi...
Typical defense against this is to mount all user-writable filesystems as `noexec` but unfortunately most OSes don't do that out of the box.
mr_mitm
3 days ago
|
next
[–]
It could have created a bash alias then. And I don't think a dev wants to be restricted in creating executables. Again, if a dev can do it, so can the malware.
reply
dividuum
3 days ago
|
prev
|
next
[–]
I remember you could trivially circumvent that with „/lib/ld-linux.so <executable>“. Does that no longer work?
reply
lights0123
3 days ago
|
parent
|
next
[–]
noexec now prevents mmaping files on that filesystem as executable.
reply
LtWorf
3 days ago
|
prev
[–]
Kinda hard to work as a software developer then.
reply
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
