Subject: Re: Suggestion: inclusion of the truncate(1) utility into the tree
To: Andrew Brown <firstname.lastname@example.org>
From: Manuel Bouyer <email@example.com>
Date: 07/22/2000 22:03:46
On Sat, Jul 22, 2000 at 01:06:00PM -0400, Andrew Brown wrote:
> it doesn't allow any more than a plain old c compiler would. i assume
> you've removed the c compiler from these machines? and ftpd? and
> chmod? and uudecode? uudecode is a wonderful tool for creating
> binaries on machines without a c compiler. it seems very innocuous,
> but it's not.
There's a better way: all partitions users can write to are mounted 'noexec'.
Manuel Bouyer <firstname.lastname@example.org>