
Re: Bug#179125: maintainer scripts tries to exec script in /tmp



Richard Kettlewell <rjk@terraraq.org.uk> wrote:
> Russell Coker <russell@coker.com.au> writes:
>> If you have an administrative policy which precludes users running
>> their own executables then a noexec /tmp and /home are required.
>> Such a policy does not seem very sensible, as has been demonstrated
>> you can run Perl and shell scripts regardless.

> You can run binaries regardless of both noexec and the execute
> permission bits, too.  It's not clear that there's any point to the
> option at all.
[using /lib/ld-linux.so.2]

Using /lib/ld-linux.so.2 gets rid of the suid/sgid-bits, so noexec has
basically the same effect as mounting with nosuid.
                 cu andreas


