Re: Debconf and noexec on /tmp
Ethan Benson <erbenson@alaska.net> writes:
[snip]
> so here is the situation:
>
> i don't leave open holes that script kiddies use with thier skripts only
> a dumbass skript kiddie will be foiled by noexec /tmp skript kiddies will
> be foiled by the fact that my boxes are always up to date and patched
> against all known vulnerabilities.
>
> therefore noexec /tmp gives nothing but inconvenience and no added
> security.
There is a school of thought that says there is no such thing as `secure',
only making it as hard work -inconvenient- for someone to persist in
attacking you.
That's why, the more layers I can throw in someone's face, be it
firewalling, more than just `defaults' in fstab, running libsafe, the better.
~Tim
--
10:04:04 up 2 days, 12:03, 10 users, load average: 0.26, 0.17, 0.09
piglet@stirfried.vegetable.org.uk |Rushing onwards, tracing the chains,
http://piglet.is.dreaming.org |Chasing the days, chasing the days.
Reply to: