Wichert Akkerman <[EMAIL PROTECTED]> writes: > Previously Ethan Benson wrote: > > its not, it provides you NO extra security whatsoever, and will break > > many many things. > > It breaks a fair number of scripts that script-kiddies use, and as > such it is somewhat useful.
<nod>. FWIW it'll also break gzexe, as well (although why anyone would use that in this day & age...). Personally, I'd *like* to put noexec on /var and have done; for a firewall system tracking stable+secure that's not going to be dist-upgraded very often, being able to tighten these things down is reasonable. Still, dpkg has to have *somewhere* to run its pre/post-inst scripts. ~Tim -- We stood in the moonlight |[EMAIL PROTECTED] and the river flowed |http://spodzone.org.uk/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
