Re: apt-get and /tmp

To: debian-user@lists.debian.org
Subject: Re: apt-get and /tmp
From: Robert James Kaes <rjkaes@flarenet.com>
Date: Mon, 30 Sep 2002 16:36:23 -0400
Message-id: <[🔎] 20020930203623.GA16712@flarenet.com>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 20020930172323.GD2225@kitenet.net>
References: <[🔎] 20020930155439.GA13601@flarenet.com> <[🔎] 20020930172323.GD2225@kitenet.net>

On Mon, 30 Sep 2002, Joey Hess wrote:
> Set APT::ExtractTemplates::TempDir in apt.conf
> 
> Note that noexec filesystems provide little or no protextion against an
> attacker who knows how to execute non-executable binaries with
> ld.so.

Thanks for the information.  I didn't know about the ld.so trick.  I'll
just remove the noexec option from the /tmp directory.
	-- Robert

-- 
  ------------------------------------------------------------------
    Robert James Kaes    ---  Flarenet Inc.  ---    (519) 426-3782
		       http://www.flarenet.com/
      * Putting the Service Back in Internet Service Provider *
  ------------------------------------------------------------------

Attachment: pgpiplPxN82EM.pgp
Description: PGP signature

Reply to:

References:
- apt-get and /tmp
  - From: Robert James Kaes <rjkaes@flarenet.com>
- Re: apt-get and /tmp
  - From: Joey Hess <joeyh@debian.org>

Prev by Date: Problems with mkinitrd-cd / mkbootimg
Next by Date: Problems in gnome 1.4 with statusbar
Previous by thread: Re: apt-get and /tmp
Next by thread: pine binaries
Index(es):
- Date
- Thread