Hi,
Currently, XDG_RUNTIME_DIR=/run/user/<UID> is mounted with rather
permissive, hardcoded mount options (or at least I couldn't find a documented
way of changing them). Specifically, a user is allowed to execute things from
his $XDG_RUNTIME_DIR. This effectively negates admin's ability to constrain
users, e.g. by mounting /home as noexec (I have seen this done in some
environments).
Is there a need to allow execution from $XDG_RUNTIME_DIR? And how
should one configure its mount options?Thanks, -- Leonid Isaev GPG key fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
signature.asc
Description: PGP signature
_______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
