On Tue, Oct 23, 2001 at 02:37:23PM +1000, Andrew Pollock wrote: > I've got /tmp mounted rw,noexec,nosuid,nodev because I think I read > somewhere that that was a good way to go security-wise. > > It seems that some package related configuration stuff writes > temporary scripts into /tmp, which then don't run because /tmp's > mounted noexec
There's already been a bug filed about this and bounced around a few places (eventually ending up with debconf), so if you're running unstable then with any luck you should find that it's fixed soon. > Should perhaps such scripts be placed elsewhere? /var/tmp? Is mounting > /tmp noexec a bit pointless? noexec is really just a sanity check anyway as far as interpreted scripts are concerned. (Compare '/tmp/foo' with 'perl /tmp/foo'.) nodev and nosuid are more useful. -- Colin Watson [EMAIL PROTECTED]
