Re: /home as noexec and X

To: Ben Gertzfield <che@debian.org>
Cc: Matus fantomas Uhlar <uhlar@fantomas.sk>, debian-devel@lists.debian.org
Subject: Re: /home as noexec and X
From: Avery Pennarun <apenwarr@worldvisions.ca>
Date: Wed, 9 Dec 1998 16:08:44 -0500
Message-id: <[🔎] 19981209160844.A7763@worldvisions.ca>
In-reply-to: <[🔎] yttu2z5xdf3.fsf@gilgamesh.cse.ucsc.edu>; from Ben Gertzfield on Wed, Dec 09, 1998 at 12:34:24PM -0800
References: <[🔎] 19981209115242.B5277@fantomas.sk> <[🔎] 19981209171746.B1580@cs.leidenuniv.nl> <[🔎] 19981209204106.A7996@fantomas.sk> <[🔎] yttu2z5xdf3.fsf@gilgamesh.cse.ucsc.edu>

On Wed, Dec 09, 1998 at 12:34:24PM -0800, Ben Gertzfield wrote:

> >>>>> "Matus" == Matus fantomas Uhlar <uhlar@fantomas.sk> writes:
> 
>     Matus> I just don't want any user to download any executable and
>     Matus> use it.  maybe i'm paranoid about security but this sounds
>     Matus> like good idea to me; maybe linux kernel could be patched
>     Matus> to allow executing of scripts (starting with #!) on
>     Matus> partition mounted as "noexec"
> 
> This would pretty much make the point of noexec invalid.. :)

Not at all.  Any script could have been run by typing

		<part after the #!> scriptname

anyway, even on a noexec filesystem.  Noexec for binaries makes sense,
noexec for scripts is just inconvenient.

That said, I think it should be a separate mount option.  noscripts or
something.

Have fun,

Avery

Reply to:

References:
- /home as noexec and X
  - From: "Matus \"fantomas\" Uhlar" <uhlar@fantomas.sk>
- Re: /home as noexec and X
  - From: Wichert Akkerman <wakkerma@cs.leidenuniv.nl>
- Re: /home as noexec and X
  - From: Matus fantomas Uhlar <uhlar@fantomas.sk>
- Re: /home as noexec and X
  - From: Ben Gertzfield <che@debian.org>

Prev by Date: Re: does the Debian Keyboard Configuration Project still exist?
Next by Date: PGP key signing tonight in Montreal?
Previous by thread: Re: /home as noexec and X
Next by thread: Re: /home as noexec and X
Index(es):
- Date
- Thread