On Sat, 13 Nov 2010 03:34:36 +0000 teddi...@tmo.blackberry.net wrote: > > This is more of an F-MY-I question, but if the /tem dir is a separate > partition and your using a mount command in fstab, could you limit the > execute capabilities via umask? > > I would think umask=111 would set the directory world read and write with no > Execute permissions >
Couldn't you use the noexec option in fstab? That way you wouldn't have to mess with umasks, and i *think* it is more secure - a file in mode 666 can still be executed with /lib/ld*.so 'cmd'. -- rbmj -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101113160010.872abff7.r...@verizon.net
