From owner-freebsd-hackers@FreeBSD.ORG Tue Jun 24 08:33:09 2003 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B913037B401 for ; Tue, 24 Jun 2003 08:33:09 -0700 (PDT) Received: from dire.bris.ac.uk (dire.bris.ac.uk [137.222.10.60]) by mx1.FreeBSD.org (Postfix) with ESMTP id B47EF43F3F for ; Tue, 24 Jun 2003 08:33:08 -0700 (PDT) (envelope-from Jan.Grant@bristol.ac.uk) Received: from mail.ilrt.bris.ac.uk by dire.bris.ac.uk with SMTP-PRIV with ESMTP; Tue, 24 Jun 2003 16:33:04 +0100 Received: from cmjg (helo=localhost) by mail.ilrt.bris.ac.uk with local-esmtp (Exim 3.16 #1) id 19Upld-0000Q9-00; Tue, 24 Jun 2003 16:31:33 +0100 Date: Tue, 24 Jun 2003 16:31:33 +0100 (BST) From: Jan Grant X-X-Sender: cmjg@mail.ilrt.bris.ac.uk To: Socketd In-Reply-To: <20030623155627.5d0a0ad3.db@traceroute.dk> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: Jan Grant cc: hackers@freebsd.org Subject: Re: Mounting X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jun 2003 15:33:10 -0000 On Mon, 23 Jun 2003, Socketd wrote: > Hi again > > Would it be possible to have this configuration and not having the > system fail (because of lacking rights or something): > > /tmp and /var/tmp noexec (I know /tmp has to be execuable to make > world) nosymfollow. I've not found anything that this breaks (except a gazillion symlink race exploits). -- jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/ Tel +44(0)117 9287088 Fax +44 (0)117 9287112 http://ioctl.org/jan/ Goedel would be proud - I'm both inconsistent _and_ incomplete.