Wichert Akkerman <[EMAIL PROTECTED]> writes:

> Previously Thomas Bushnell, BSG wrote:
> > What sort of insecure cgi script are you thinking of?
>
> Trivial protection against stupid rootkits.
>
> > In any case, it's part of the normal conventions of all Unix-based
> > systems that /tmp is accessible to every user, for writing files and
> > for executing them.
>
> debconf seems to be the only thing relying on it, I've been using
> a nonexec /tmp for a while now without noticing any other problems.

Posix requires a /tmp directory which arbitrary programs can write to, and Posix knows nothing of noexec; a valid program of any sort could well decide to use that feature, and Debian shouldn't bother trying to work around it, IMHO.

