Moscowchannel.com hack

Adamsc Adamsc at io-online.com
Mon Sep 2 01:18:42 PDT 1996


On Sun, 1 Sep 1996 12:22:40 -0500 (CDT), Igor Chudov @ home wrote:

>> > > Write your web site to a CD-ROM and hard-code the base directory into the
>> > > webserver.
>> > 
>> > A hacker who has root can forcibly unmount the cdrom and mount another
>> > directory on that node. Not a good solution.
>> 
>> Real hard disks such as RL02's & RK07's have WRITE DISABLE
>> switches....
>> 
>
>You can't mount the whole Unix read-only, so there will always be a place
>to put the hacked web page, and then mount that place over DocumentRoot.
If you had enough RAM in the machine, you could disable swapping, send all log
files to /dev/nul (or /dev/lp0), run *only* a web server or anything else that
can avoid writing to disk (probably no CGI, etc).  It wouldn't be too
interesting, but then you probably don't want much happening on your web server
anyway. You could even wire that write-disable switch or jumper into a
keyswitch on the main console.

- "'Anonymity is bad,' says a source who wishes to remain anonymous." - Nuff' said.
* Home: Chris Adams <adamsc at io-online.com> | http://www.io-online.com/adamsc/adamsc.htp
* Autoresponder: send email w/subject of "send resume" or "send PGPKEY"
* Work: cadams at acucobol.com | V.M. (619)515-4894 | (619)689-6579
* Member in good standing of the GNU whirled hors d'oeuvre







More information about the cypherpunks-legacy mailing list