Turning off execute in /tmp

Hi,

I've been reading about the above security fix, basically re-mounting /tmp with noexecute so that downloaded scripts can't be ran.

However, one thing I dont understand. If someone has access to the box, in order to be able to execute something anyway, then they'll have access to other directories too - i.e. they will have found a way in as a valid user on the system. So they could just execute programs from their home dir right?

Or have I missed something here?

Rgds,
Dan

 

 

 

 

Top