From owner-freebsd-hackers@FreeBSD.ORG  Sun Jun 29 13:17:24 2003
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 466BD37B401
	for <hackers@freebsd.org>; Sun, 29 Jun 2003 13:17:24 -0700 (PDT)
Received: from mail.bellavista.cz (mail.bellavista.cz [213.235.167.218])
	by mx1.FreeBSD.org (Postfix) with ESMTP id DD94843FBF
	for <hackers@freebsd.org>; Sun, 29 Jun 2003 13:17:22 -0700 (PDT)
	(envelope-from neuhauser@bellavista.cz)
Received: from freepuppy.bellavista.cz (freepuppy.bellavista.cz [10.0.0.10])
	by mail.bellavista.cz (Postfix) with ESMTP id 16DE5379
	for <hackers@freebsd.org>; Sun, 29 Jun 2003 22:17:17 +0200 (CEST)
Received: by freepuppy.bellavista.cz (Postfix, from userid 1001)
	id E0E562FDAB2; Sun, 29 Jun 2003 22:17:16 +0200 (CEST)
Date: Sun, 29 Jun 2003 22:17:16 +0200
From: Roman Neuhauser <neuhauser@bellavista.cz>
To: hackers@freebsd.org
Message-ID: <20030629201716.GF11229@freepuppy.bellavista.cz>
Mail-Followup-To: hackers@freebsd.org
References: <20030623155627.5d0a0ad3.db@traceroute.dk>
	<Pine.GSO.4.44.0306241630480.419-100000@mail.ilrt.bris.ac.uk>
	<20030623155627.5d0a0ad3.db@traceroute.dk>
	<Pine.NEB.3.96L.1030623114101.52424E-100000@fledge.watson.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <Pine.GSO.4.44.0306241630480.419-100000@mail.ilrt.bris.ac.uk>
	<Pine.NEB.3.96L.1030623114101.52424E-100000@fledge.watson.org>
User-Agent: Mutt/1.5.1i
Subject: Re: Mounting
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 29 Jun 2003 20:17:24 -0000

# rwatson@freebsd.org / 2003-06-23 11:45:37 -0400:
> On Mon, 23 Jun 2003, Socketd wrote:
> > Would it be possible to have this configuration and not having the
> > system fail (because of lacking rights or something): 
 
> > /var/mail		noexec
> 
> nosuid would be fine here also. 

# Jan.Grant@bristol.ac.uk / 2003-06-24 16:31:33 +0100:
> On Mon, 23 Jun 2003, Socketd wrote:
> > /tmp and /var/tmp 	noexec (I know /tmp has to be execuable to make
> > world)
> 
> nosymfollow. I've not found anything that this breaks (except a
> gazillion symlink race exploits).

    This questions will be probably extremely stupid:
    why aren't these defaults?

-- 
If you cc me or remove the list(s) completely I'll most likely ignore
your message.    see http://www.eyrie.org./~eagle/faqs/questions.html