Paul Howarth wrote: >> I can (sort of) see the argument for noexec on /var , >> but why on /tmp ? > > Why one and not the other? I guess I misunderstood. I thought the idea of noexec-ing /var was to ensure that files there weren't tampered with, and there didn't seem anything worth tampering with on /tmp . But I see now that the danger is more that /var or /tmp can be used as a blank sheet to write on. -- Timothy Murphy e-mail (<80k only): tim /at/ birdsnest.maths.tcd.ie tel: +353-86-2336090, +353-1-2842366 s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland
