启用ExecShield保护 – ExecShield是安全的Linux内核补丁,可避免蠕虫等问题。
添加到后
/etc/sysctl kernel.exec-shield = 1 得到这个错误sysctl:不能stat /proc/sys/kernel/exec-shield: No such file or directory
输出:
root@ashishk:/home/ashish/MyScripts# sysctl -p sysctl: cannot stat /proc/sys/kernel/exec-shield: No such file or directory kernel.randomize_va_space = 1 net.ipv4.conf.all.rp_filter = 1 net.ipv4.conf.default.rp_filter = 1 net.ipv4.icmp_echo_ignore_broadcasts = 1 net.ipv4.conf.all.accept_source_route = 0 net.ipv4.conf.default.accept_source_route = 0 net.ipv4.conf.all.send_redirects = 0 net.ipv4.conf.default.send_redirects = 0 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_max_syn_backlog = 2048 net.ipv4.tcp_synack_retries = 2 net.ipv4.tcp_syn_retries = 5 net.ipv4.conf.all.log_martians = 1 net.ipv4.icmp_ignore_bogus_error_responses = 1 net.ipv4.conf.all.accept_redirects = 0 net.ipv4.conf.default.accept_redirects = 0 net.ipv4.icmp_echo_ignore_all = 1 net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 net.ipv6.conf.lo.disable_ipv6 = 1
我能知道什么是错的吗?
c4f4t0r已经为评论中的直接问题提供了答案,但并不完全准确。
exec-shield继续存在; 实际上被删除的是通过sysctl设置禁用它的选项
https://access.redhat.com/solutions/974563 (链接需要RedHat订阅,由于版权问题,没有提供该链接的确切链接)。