noexec on /tmp ?
do you think it's a good idea to set NOEXEC on /tmp on FreeBSD 4.10?
i do it on linux, but don't know if it will cause problems on FreeBSD...
You may also want to add the NOEXEC flag for
/tmp, but this is severely restrictive and may begin to make things
difficult for your users. NOEXEC will also cause problems when you
'make installworld', since a fairly normal /tmp is required for this.
Enabling NOEXEC may also limit your ability to find an intruder.
/tmp, but this is severely restrictive and may begin to make things
difficult for your users. NOEXEC will also cause problems when you
'make installworld', since a fairly normal /tmp is required for this.
Enabling NOEXEC may also limit your ability to find an intruder.
thanks
