Categories
Internet, Unix en security

A /tmp for every user

With the transition towards /run some temporary files will move towards /run/user/, but enough files remain in /tmp. Files that may leak information or be a point of code injection as shown with CVE-2012-3355. A first step is to create a temporary directory for every user when he or she logs in to restrict the […]

Categories
Internet, Unix en security

A goodbye to Java

In the past I already removed Flash and Mono from my systems due to security concerns, but since CVE-2011-3544 it was the final call for Java. It took some dependency checking as Debian was replacing OpenJDK with GCJ or vice versa in most cases, but the command below finished that on a lot of systems. […]