$HOME/bin
Ben Stringer
ben at burbong.com
Mon Jun 4 13:17:34 UTC 2007
On Mon, 2007-06-04 at 08:06 -0500, Les Mikesell wrote:
> >
> > I'm sorry.... Are you saying that mounting /home as noexec is a good thing
> > since folks that are compiling/testing programs won't be allowed to get
> > their work done?
> >
> > Sorry a bit confused here.... Sure, it is only Monday.
>
> There are always tradeoffs between usability and security. This one is
> pretty extreme, even for people who just write a few convenience scripts
> so they don't have to repeated type long command lines to unix tools for
> things they do more than once.
It may appear extreme from the perspective of anyone who plans to be
compiling code or writing scripts, but is still a valid and effective
security measure for production, internet facing servers, or for
desktops used by people who will only be using GUI-based apps.
Cheers, Ben
More information about the fedora-list
mailing list