$HOME/bin

Ben Stringer ben at burbong.com
Mon Jun 4 13:17:34 UTC 2007


On Mon, 2007-06-04 at 08:06 -0500, Les Mikesell wrote:
> > 
> > I'm sorry....  Are you saying that mounting /home as noexec is a good thing
> > since folks that are compiling/testing programs won't be allowed to get
> > their work done?
> > 
> > Sorry a bit confused here....  Sure, it is only Monday.
> 
> There are always tradeoffs between usability and security.  This one is 
> pretty extreme, even for people who just write a few convenience scripts 
> so they don't have to repeated type long command lines to unix tools for 
> things they do more than once.

It may appear extreme from the perspective of anyone who plans to be
compiling code or writing scripts, but is still a valid and effective
security measure for production, internet facing servers, or for
desktops used by people who will only be using GUI-based apps.

Cheers, Ben




More information about the fedora-list mailing list