Em 27-05-2014 13:18, Eric Lalonde escreveu: > On a multi-user production system this is unattractive from this > system administrator's point of view. On a single-user system this is > redundant because the ports system already exists, and you have the > priveledge to install whatever you want. So you rm all the compilers from your system. And what you do when a user copies a binary from another machine that is compiled statically and executes it? Or when he uses the perl interpret that come with OpenBSD base install and runs a script? If a user has access to the system there's really no point in trying to preventing him/her to run anything they want, simply because it's very hard to do so. So, bottom line, if you don't want people executing code on your machine, don't give them access. > > I don't see the problem that is solved with this. No problem solved, just make the life of users simpler. Not every tool must solve a problem. Although there are some that create others problems.
Cheers, -- Giancarlo Razzolini GPG: 4096R/77B981BC