> Should /home be mounted as noexec by default for security? I noticed > ~/bin is in the default $PATH (via /etc/skel/.profile), but isn't this > somewhat of a security risk? Theoretically, if a threat has unprivileged > access, wouldn't it be able to execute unauthorized programs? > > Someone mentioned this to me after they saw I was using ~/bin to house > my scripts, and it made me think. Anyone have any info on whether this > is/is not an issue? Are protections already in place in OpenBSD to > mitigate this? Am I getting trolled?
yes you are right, our users should not have the ability to become programmers. they should not create programs in /tmp they should not create them in their own directory openbsd contains everything they need, and there is no need to invent any new software ever again. are you being trolled now?
