On Wed, Jan 14, 2004 at 03:53:35AM +0100, Arnoud Warmerdam wrote: > Hi, > > I have mounted my /tmp directory (which has it's own partition) with the > noexec option. The reason i did this, was that a poorly written cgi-script > caused a binary to be downloaded and executed in /tmp. Luckily, the > firewall prevented it from doing any harm, but i wanted to prevent this > from happening again. In the future i plan to place apache in a chroot > jail, but in the meantime this seemed like a good thing to do. Here is the > line from my /etc/fstab: > > /dev/sda9 /tmp ext2 noexec,nosuid,rw 0 2 >
-snip- > > Is it considered bad practice to mount /tmp with the noexec option? If not, > is there a way to tell apt to use another directory? > > > - Arnoud Warmerdam I got tmp mounted noexec too. /etc/apt/apt.conf.d/70debconf: // Pre-configure all packages with debconf before they are installed. // If you don't like it, comment it out. #DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt || true";}; As you see, i dont like it. -- Frode Haugsgjerd Norway