It is a risk, but it's a small one. Generally speaking, the files will be owned by that user, executed as that user, and pose a minimal risk since "that user" is unprivileged. However, it does allow for compiling code that could be used as a local privilege escalation and calling it from your "home" path. It's a trade off, really. Do you want to be extra strict and force people to use the binaries inside the trusted paths, or do you want to allow some flexibility so that users can write and maintain custom scripts for automating common tasks? You have to decide for yourself what is right for your environment.
On Tue, Apr 19, 2016 at 10:48 AM, Joe Schillinger <js...@protonmail.ch> wrote: > Hi misc, > > Should /home be mounted as noexec by default for security? I noticed > ~/bin is in the default $PATH (via /etc/skel/.profile), but isn't this > somewhat of a security risk? Theoretically, if a threat has unprivileged > access, wouldn't it be able to execute unauthorized programs? > > Someone mentioned this to me after they saw I was using ~/bin to house > my scripts, and it made me think. Anyone have any info on whether this > is/is not an issue? Are protections already in place in OpenBSD to > mitigate this? Am I getting trolled? > > Thanks, > Joe
