Re: mounting /tmp noexec (was: Campus Computers)

To: Ian <ian@ids.org.au>
Cc: debian-security@lists.debian.org
Subject: Re: mounting /tmp noexec (was: Campus Computers)
From: tb@becket.net (Thomas Bushnell, BSG)
Date: 26 Dec 2001 18:37:10 -0800
Message-id: <[🔎] 877kr99ynd.fsf@becket.becket.net>
In-reply-to: <[🔎] 20011227023316.GA1482@ids.org.au>
References: <[🔎] 20011227021726.GA1177@ids.org.au> <[🔎] 87bsgl9zh6.fsf@becket.becket.net> <[🔎] 20011227023316.GA1482@ids.org.au>

Ian <ian@ids.org.au> writes:

> for example, an insecure cgi script could allow a user to write to /tmp
> and get the web server to execute the script. By mounting /tmp noexec,
> this problem is potentially prevented (aside from the insecure script).

What sort of insecure cgi script are you thinking of?  If it's being
coerced into letting the user write a file and execute it, it can
presumably be coerced to just directly execute whatever it wants
without the rigamarole.

> so surely, if nothing needs to be executed, it is better to mount
> noexec?

noexec has no good purpose, really.  But it's intention was for
networked filesystems in certain environments, not a generalized
security tool.

In any case, it's part of the normal conventions of all Unix-based
systems that /tmp is accessible to every user, for writing files and
for executing them.

Reply to:

Follow-Ups:
- Re: mounting /tmp noexec (was: Campus Computers)
  - From: Wichert Akkerman <wichert@wiggy.net>

References:
- Campus Computers
  - From: Ian <ian@ids.org.au>
- Re: Campus Computers
  - From: tb@becket.net (Thomas Bushnell, BSG)
- Re: mounting /tmp noexec (was: Campus Computers)
  - From: Ian <ian@ids.org.au>

Prev by Date: Re: mounting /tmp noexec (was: Campus Computers)
Next by Date: Re: mounting /tmp noexec (was: Campus Computers)
Previous by thread: Re: mounting /tmp noexec (was: Campus Computers)
Next by thread: Re: mounting /tmp noexec (was: Campus Computers)
Index(es):
- Date
- Thread