Re: limiting user access

To: Anthony Towns <aj@azure.humbug.org.au>
Cc: debian-user@lists.debian.org, debian-policy@lists.debian.org
Subject: Re: limiting user access
From: Joey Hess <joey@kitenet.net>
Date: Thu, 12 Feb 1998 23:24:07 -0800
Message-id: <[🔎] 19980212232407.06097@kite>
In-reply-to: <[🔎] 87oh0cjqa6.fsf@azure.humbug.org.au>; from Anthony Towns on Fri, Feb 13, 1998 at 10:34:57AM +1000
References: <[🔎] Pine.BSI.3.95.980212112059.23295N-100000@ns1.midco.net> <[🔎] 87oh0cjqa6.fsf@azure.humbug.org.au>

Anthony Towns wrote:
> according to the FSSTND, but at least a couple of packages use /var
> for executable files, notably dpkg (/var/lib/dpkg/info/*), and the
> distributed-net client (/var/lib/distributed-net/distributed-net).
> 
> BTW, if /var was noexec, it remains possible to have something like
> /var/lib/distributed-net/distributed-net -> /usr/bin/distributed-net,
> and still be able to cd /var/lib/distributed-net; ./distributed-net,

This is currently exactly how /var/lib/distributed-net/distributed-net is
set up, so I don't know what you're worrying about.

/var/lib/dpkg/info/* is a stickier problem..

-- 
see shy jo


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

References:
- Re: limiting user access
  - From: Nathan E Norman <finn@midco.net>
- Re: limiting user access
  - From: Anthony Towns <aj@azure.humbug.org.au>

Prev by Date: Re: NCPFS seems broken on 2.1 kernels...
Next by Date: problems trying to compile qt example from tutorial
Previous by thread: Re: limiting user access
Next by thread: Re: limiting user access
Index(es):
- Date
- Thread