On Tue, 10 Oct 2017 19:35:49 +0100
> From: Kevin Chadwick <m8il1i...@gmail.com> > To: misc@openbsd.org > Subject: Re: reordering libraries:/etc/rc[443]: ./test-ld.so: > Permission denied Date: Tue, 10 Oct 2017 19:35:49 +0100 > > On Wed, 27 Sep 2017 21:43:48 -0500 > > > > Why is this happening, and is there anything that I should do to > > correct > > > > The system has been getting more and more dynamic to make attackers > fumble in the dark. > > > the "Permission denied" error? > > If you prefer then add: > > /sbin/mount -uo noexec /tmp > > to /etc/rc.local > > The new pledge powers that have been mentioned recently potentially > make noexec more useful ;) > > I am moving all potentially problematic fstab changes such as ro > to /etc/rc.local (/sbin/mount -urf /), letting the devs use the system > during boot as they would their own system. RO /usr also breaks the shiny new kernel relinking. So the best I have come up with is crontab lines @reboot sleep 60 mount -urf /usr The 60 may be too short on very old systems. Perhaps it's time to drop the ro but I'm quite attached to my security blanket, lol ;)
