Making /tmp noexec

To: Debian User List <debian-user@lists.debian.org>
Subject: Making /tmp noexec
From: James Allsopp <jamesaallsopp@googlemail.com>
Date: Fri, 12 Nov 2010 13:30:49 +0000
Message-id: <[🔎] 4CDD4189.4030705@googlemail.com>

Hi,
I was reading this page about making tmp non-executable
(http://pario.no/2007/10/04/making-tmp-non-executable/) but it seems a
little out of date as I'm using Squeeze.

I changed fstab, and edited by 70debconf to

DPkg::Pre-Install-Pkgs {"mount -o remount,exec
/tmp";"/usr/sbin/dpkg-preconfigure --apt || true";};
DPkg::Post-Invoke{"mount -o remount /tmp";};

is this correct? Aptitude still works fine, but I was wondering if
anyone had experience of pitfalls with this?

Would I replicate this for my /var partition and is there any point to
doing this with /home?

Thanks,
Jim

Reply to:

Follow-Ups:
- Re: Making /tmp noexec
  - From: David Sastre <d.sastre.medina@gmail.com>
- Re: Making /tmp noexec
  - From: Sven Joachim <svenjoac@gmx.de>

Prev by Date: Re: can't serve php files in apache2
Next by Date: Re: Second display as dedicated desktop workspace?
Previous by thread: Re: about cd/dvd burners
Next by thread: Re: Making /tmp noexec
Index(es):
- Date
- Thread