On 23/02/2004 at 13:02, Colin Leroy wrote: > On 23 Feb 2004 at 12h02, Kiko Piris wrote: > > Hi, > > > One other advantage in separating partitions is security: you can mount > > /boot ro,noexec,nodev,nosuid, /home nosuid,nodev, /tmp nosuid,nodev, > > etc. (http://www.seifried.org/lasg/installation/). > > /home nosuid is painful on real shared computers where users may want > their own ~/bin... > > Anyway, /lib/ld.so.1 has to be executable and running > `/lib/ld.so.1 /path/to/nosuid/partition/binary` runs the binary. Imho nosuid > is > a very minimal protection.
I guess you mean noexec. I was talking about nosuid. They're not the same... -- Kiko
