Re: [OT] fhs and multiple partitions (was: Installing Debian using ...)
On 23 Feb 2004 at 12h02, Kiko Piris wrote:
> One other advantage in separating partitions is security: you can mount
> /boot ro,noexec,nodev,nosuid, /home nosuid,nodev, /tmp nosuid,nodev,
> etc. (http://www.seifried.org/lasg/installation/).
/home nosuid is painful on real shared computers where users may want
their own ~/bin...
Anyway, /lib/ld.so.1 has to be executable and running
`/lib/ld.so.1 /path/to/nosuid/partition/binary` runs the binary. Imho nosuid is
a very minimal protection.