Improve Security with Polyinstantiation
Mar 03, 2008, 08:30 (0 Talkback[s])
(Other stories by Robb R. Romans)
[ Thanks to LinucksGirl for this link.
"To improve security, it's often wise to use more than one
method of protection (also called 'defense in depth'). That way, if
one method is breached, another method remains operational and
prevents further intrusion. This article describes a way to add
another layer of depth to your security strategy: using PAM to
polyinstantiate world-writeable shared directories. This means that
a new instance of a directory, such as /tmp, is created for each
"Polyinstantiation of world-writeable directories prevents the
following types of attacks..."