[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: mounting /tmp noexec (was: Campus Computers)

Wichert Akkerman <wichert@wiggy.net> writes:

> Previously Thomas Bushnell, BSG wrote:
> > Posix requires a /tmp directory which arbitrary programs can write to,
> > and Posix knows nothing of noexec; a valid program of any sort could
> > well decide to use that feature, and Debian shouldn't bother trying to
> > work around it, IMHO.
> 
> On the other, it's completely trivial to work around it and I don't
> see any reason not to go above and beyond what POSIX specifies.

It depends on the program.  It's perfectly clear that many programs
cannot work around it, because the only place they know where they can
write a file is /tmp.

You might as well say that it's easy to work around a non-writeable
/tmp too.  Indeed it is, but that's not the point.
Reply to: