[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: /home as noexec and X

joost@pc47.mpn.cp.philips.com wrote:
> On Thu, 10 Dec 1998, Avery Pennarun wrote:
> > I already suggested logic like this:
> >
> >       if it exists
> >               if it's executable (chmod +x)
> >                       execute it
> >               else if it's not executable
> >                       run it with 'sh'
>                                     ^^^^
> Can this be changed into:
>                         run it with "user's shell in /etc/passwd"
> ?

Bad idea.  Some shells (e.g. csh/tcsh) are good for interactive shells,
but inappropriate for scripts.  In particular, there can be issues with
filehandles.  Scripts that seem to run fine when invoked directly can
cause problems and even data loss when called from another program. 
(There are collections of war stories.)  And I don't even want to think
about the results for someone who uses some really oddball shell, like,
say, a custom menu program.  Catastrophic might be a good description of
the result.

It also makes it more difficult for sysadmins who want to set up a
default .xsession in /etc/skel.

Of course, I'm somewhat dubious about the whole idea of scripts that
aren't executable in the first place.  And if it is executable, you can
put #!/whatever/you/want.  But that's another issue.
Chris Waters   xtifr@dsp.net | I have a truly elegant proof of the
      or    xtifr@debian.org | above, but it is too long to fit into
http://www.dsp.net/xtifr     | this .signature file.

Reply to: