Hello Fraser, Yes, I have been doing the same with /tmp, but some debian packages won't install on noexec /tmp. But there are other directorieso n my system which are world writable - for example /var/tmp and /var/lock.
Can entire /var be mounted noexec? Monday, December 13, 2004, 4:17:19, you wrote: FC> I have the habit of mount /tmp with noexec,nosuid,nodev. I also mount /usr FC> and /boot ro. These minor changes can prevent common automated attacks FC> (probably the one you encountered) and don't cause any problems. -- bYE, Marki -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
