> > > noexec has no good purpose, really. But it's intention was for > > > networked filesystems in certain environments, not a generalized > > > security tool. > > > > It's very useful for mounting filesystems like vfat, where otherwise > > all the files are marked executable which makes mc a PITA to use for > > examining archive files (mc tries to execute them!). > > Ah, interesting. ;) Of course, that isn't a security related reason.
It's just wrong. If you will mount filesystem with noexec option (try!) files may have 'x' permission. And they can *look* executable (e.g. on vfat partition you will see all files 'executable', as usual). The only difference is that if you will try to execute such file you will get 'permission denied' error message. But mc will try to execute every file :) [terrapin] 08:46:52 ~$ sudo mount -o remount,noexec /tmp Password: [terrapin] 08:47:11 ~$ touch /tmp/a [terrapin] 08:47:14 ~$ chmod +x /tmp/a [terrapin] 08:47:17 ~$ ls -l /tmp/a -rwxr-xr-x 1 alexey alexey 0 ��� 3 08:47 /tmp/a [terrapin] 08:47:21 ~$ /tmp/a bash: /tmp/a: Permission denied [terrapin] 08:47:25 ~$ -- Alexey "Python is executable pseudocode, Perl is executable line-noise." -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
