RE: Partition mount options (was Re: apg-get: "Can't exec "/var
>
> I suspect this isn't something Debian can fix and make go away.
>
> Following discussion here a few weeks ago, I tweaked several of my
> partition mount options, specifically disallowing suid, dev, and exec
> privileges on a number of partitions. I suspect 'noexec' is going to be
> a bit problematic in a number of places. I've since changed /var to
> allow 'exec' privileges.
>
dpkg stores its info in /var/lib/dpkg/info. Files in there are package
maintainer scripts, they must be executable. So, at least that much of /var
must be too.
moving those scripts could be hard, and would also have to be handled as an
upgrade path.
Reply to: