Re: nosuid option for '/'?

1999-10-17 Thread Matus \fantomas\ Uhlar 
-  And if nosuid is
-  a good thing for this system, can it be implemented for the
-  /home directories only, without doing it for the whole / directory? 
- 
- Being that nosuid is a mount option, this would be quite easy to do if
- your /home was a separate partition, which I assume it is not.

/ should NOT be mounted nosuid. but you can mount filesystems as /tmp /home
and /var as noexec (the only problem will be with /var/lib/dpkg where dpkg
unpacks preinstall and postinstall scripts)


-- 
 Matus fantomas Uhlar, sysadmin at NEXTRA, Slovakia; IRC admin of *.sk
 [EMAIL PROTECTED]; http://www.fantomas.sk/; http://www.nextra.sk/
 LSD will make your ECS screen display 16.7 million colors

Re: nosuid option for '/'?

1999-10-13 Thread Dwayne C . Litzenberger 
 And if nosuid is
 a good thing for this system, can it be implemented for the
 /home directories only, without doing it for the whole / directory? 

Being that nosuid is a mount option, this would be quite easy to do if
your /home was a separate partition, which I assume it is not.

Somewhere in your startup files, there will be a line that remounts your
root filesystem read-write, like:

 mount / -o remount,rw

try changing it to:

 mount / -o remount,rw,nosuid

-- 
I already have all the latest software.
 -- Laura Winslow, Family Matters

Dwayne Litzenberger - [EMAIL PROTECTED]

Advertising Policy: http://DLitzPower.tripod.com/spamoff.htm
GnuPG Public Key:   http://DLitzPower.tripod.com/gpgkey.asc
 Fingerprint:   0535 F7CF FF5F 8547 E5A5  695E 4456 FB6C BC39 A4B0



pgppcYOma5MLB.pgp
Description: PGP signature

Re: nosuid option for '/'?

1999-10-13 Thread Brad 
-BEGIN PGP SIGNED MESSAGE-

On Tue, 12 Oct 1999, Art Lemasters wrote:

  Do any of you see any potential problem with putting the 'nosuid'
 option for the '/' directory in /etc/fstab?

Yes. Various essential apps that should be in / (/bin actually, which
should be on /) require suid. Unless you don't mind not being able to
login as anyone besides root ;)

 And if nosuid is a good thing for this system, can it be implemented
 for the /home directories only, without doing it for the whole /
 directory?

If /home is a separate partition, certainly. Just make the modification
the the /home line of fstab. If not, then no.


- -- 
  finger for PGP public key.

-BEGIN PGP SIGNATURE-
Version: 2.6.3ia
Charset: noconv

iQCVAwUBOAPXXL7M/9WKZLW5AQE1QgP/T1AxfUtMXff3YvKSOFPyJ1F+q4cOU3gN
OLmJE1q6GIV2NLiEKP3oMOVhMDJNJNvhdQFFsZckIm/rUYmeFF5J9ZV842JLPkvV
iY/dsNF8La3CT5CyY6WnWNiMfiE7NLbmdqwkdqgM/W1lVR8RytgneAIyAap3ODsC
U/8FeIAGcuQ=
=Qq6S
-END PGP SIGNATURE-