Re: mounting /tmp noexec (was: Campus Computers)
Previously Thomas Bushnell, BSG wrote:
> What sort of insecure cgi script are you thinking of?
Trivial protection against stupid rootkits.
> In any case, it's part of the normal conventions of all Unix-based
> systems that /tmp is accessible to every user, for writing files and
> for executing them.
debconf seems to be the only thing relying on it, I've been using
a nonexec /tmp for a while now without noticing any other problems.
Wichert.
--
_________________________________________________________________
/wichert@wiggy.net This space intentionally left occupied \
| wichert@deephackmode.org http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D |
Reply to: