Re: /home as noexec and X

To: debian-devel@lists.debian.org
Subject: Re: /home as noexec and X
From: Marc Barnett <marc@mtjeff.com>
Date: Wed, 9 Dec 1998 19:22:34 -0800
Message-id: <[🔎] 19981209192234.A18946@beowulf.bayarea.net>
In-reply-to: <[🔎] 19981209204106.A7996@fantomas.sk>; from Matus fantomas Uhlar on Wed, Dec 09, 1998 at 08:41:06PM +0100
References: <[🔎] 19981209115242.B5277@fantomas.sk> <[🔎] 19981209171746.B1580@cs.leidenuniv.nl> <[🔎] 19981209204106.A7996@fantomas.sk>

On Wed, Dec 09, 1998 at 08:41:06PM +0100, Matus fantomas Uhlar wrote:
> I just don't want any user to download any executable and use it.
> maybe i'm paranoid about security but this sounds like good idea to me;

Perhaps with an appropriately captive or ignorance audience, otherwise 
they will just go somewhere else. This will cause apparently random 
effects, as you've already experienced. 

Remember to mount /tmp, /var/tmp and if you have tetex installed
/var/spool/tekmf/*  the same way, or it also doesn't solve much.
Additionally, with perl available there is very little you can't do. 
The user just has to alias all perl scripts.

nosuid is probably a better mount option.

Reply to:

References:
- /home as noexec and X
  - From: "Matus \"fantomas\" Uhlar" <uhlar@fantomas.sk>
- Re: /home as noexec and X
  - From: Wichert Akkerman <wakkerma@cs.leidenuniv.nl>
- Re: /home as noexec and X
  - From: Matus fantomas Uhlar <uhlar@fantomas.sk>

Prev by Date: Gnumaniak now DFSG compliant!!
Next by Date: Re: Policy: Mail folder creation (Re: Debian mutt package)
Previous by thread: Re: /home as noexec and X
Next by thread: Re: /home as noexec and X
Index(es):
- Date
- Thread