tech-security: Re: normal user can bypass mount 'noexec' flags

Subject: Re: normal user can bypass mount 'noexec' flags
To: Erik E. Fair <fair@clock.org>
From: Michael K. Sanders <msanders@confusion.net>
List: tech-security
Date: 03/11/1999 13:07:04

In message <v04020a51b30dcb33da67@[209.157.85.34]>, "Erik E. Fair" writes:
>Two questions:
>
>1. What is 'noexec' usually used to prevent?
>
>prevent execution of binaries from another architecture on an NFS server.
>
>prevent execution of binaries from removable media.

prevent execution of any binaries not installed by the system administrator.

Not allowing users to execute their own binaries (whether they are
compiled or transferred from another system) might be highly desirable
for some systems.