Re: execute permissions in /tmp
On Sun, Jul 13, 2003 at 03:10:24PM -0400, Phillip Hofmeister wrote:
> On Sat, 12 Jul 2003 at 09:34:16PM -0400, Noah L. Meyerhans wrote:
> > Basically, what it comes down to is that you *can not* prevent files
> > from being executed. Even if you remove the execute bits from /tmp/ls
> > in the above example, you'll still be able to run it.
>
> I believe grsecurity ACLs will prevent /tmp from being loaded by
> ld-linux...
If the user can read files in /tmp, they can execute the code in them. What
problem is noexec /tmp supposed to solve?
--
- mdz
Reply to: