Re: Bug#179125: maintainer scripts tries to exec script in /tmp
Richard Kettlewell <rjk@terraraq.org.uk> wrote:
> Russell Coker <russell@coker.com.au> writes:
>> If you have an administrative policy which precludes users running
>> their own executables then a noexec /tmp and /home are required.
>> Such a policy does not seem very sensible, as has been demonstrated
>> you can run Perl and shell scripts regardless.
> You can run binaries regardless of both noexec and the execute
> permission bits, too. It's not clear that there's any point to the
> option at all.
[using /lib/ld-linux.so.2]
Using /lib/ld-linux.so.2 gets rid of the suid/sgid-bits, so noexec has
basically the same effect as mounting with nosuid.
cu andreas
Reply to: