Re: Bug#179125: maintainer scripts tries to exec script in /tmp
Richard Kettlewell <email@example.com> wrote:
> Russell Coker <firstname.lastname@example.org> writes:
>> If you have an administrative policy which precludes users running
>> their own executables then a noexec /tmp and /home are required.
>> Such a policy does not seem very sensible, as has been demonstrated
>> you can run Perl and shell scripts regardless.
> You can run binaries regardless of both noexec and the execute
> permission bits, too. It's not clear that there's any point to the
> option at all.
Using /lib/ld-linux.so.2 gets rid of the suid/sgid-bits, so noexec has
basically the same effect as mounting with nosuid.