摘要
Linux/UNIX环境下,通过限制普通用户使用可写-可执行目录,可以防止攻击者利用这些用户的权限引入攻击程序,从而入侵系统;同时不妨碍普通用户正常地执行系统中已有的程序以完成其工作。就Linux/UNIX下的不可执行目录的设计与实现进行了探讨。
This paper comes up with an innovative idea: Non Executable Directory in Linux/UNIX environment.It helps promoting the safety of UNIX/Linux system by preventing attackers with ordinary rights from running evil programs (exploits, etc) in the system. At the game time,ordinary users working with Non Executable Directories still can run programs already in the system to finish their works.
出处
《计算机应用研究》
CSCD
北大核心
2004年第1期128-130,共3页
Application Research of Computers
