A few days ago, I asked how to do it. I stumbled across the answer whilst browsing Google on an entirely different topic. The answer is to add the parameters "noexec=on" and "noexec32=on" to the boot line. I've added it via "append" lines in /etc/lilo.conf
# # Linux bootable partition config begins # image = /boot/kernel-2.6-production root = /dev/sda1 label = Production read-only # read-only for checking append = "noexec=on noexec32=on" image = /boot/kernel-2.6-experimental root = /dev/sda1 label = Experimental read-only # read-only for checking append = "noexec=on noexec32=on" # # Linux bootable partition config ends # And now for the unrelated part, and the warning. I was reading up on GRUB, in case I decide to go 64-bit mode in the near future. Apparently, GRUB will *NOT* install if noexec/noexec32 are enabled. You have to turn them off before installing GRUB. -- Walter Dnes <[EMAIL PROTECTED]> In linux /sbin/init is Job #1 My musings on technology and security at http://tech_sec.blog.ca -- gentoo-user@gentoo.org mailing list