I was wondering if there's some security or other benefits in mounting /tmp with a "noexec" option. Even if scripts there can still be executed but - binary programs should not, right? At least something, I thought. When I was checking it out, unfortunately some apt-get updates started failing, like:
Preconfiguring packages ... Can't exec "/tmp/cvs.config.56471": Permission denied at /usr/share/perl/5.8/IPC/Open3.pm line 168. open2: exec of /tmp/cvs.config.56471 configure 1:1.12.9-16 failed at /usr/share/perl5/Debconf/ConfModule.pm line 44 cvs failed to preconfigure, with exit status 2 So now I just think it's wasted energy and tend to reverse that "noexec" flag to "standard" again. Any suggestions or experiences? Thanks, -- Bernd -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
