On 18/06/2021 16:21, alad via aur-general wrote:
> On 18/06/2021 16:43, Jonathon Fernyhough via aur-general wrote:
>> ...
>> Or, is an executable /tmp a reasonable assumption? 🤔
>
> I don't see anything in file-hierarchy(7) that mandates an executable
> /tmp. That said, it contains a hint that some programs might break:
>
>       /tmp/, /var/tmp/ and /dev/shm/ should be mounted nosuid and
>       nodev, which means that set-user-id mode and character or block
>       special devices are not interpreted on those file systems. In
>       general it is not possible to mount them noexec, because various
>       programs use those directories for dynamically generated or
>       optimized code, and with that flag those use cases would break.
>       Using this flag is OK on special-purpose installations or systems
>       where all software that may be installed is known and doesn't
>       require such functionality. See the discussion of
>       nosuid/nodev/noexec in mount(8) and PROT_EXEC in mmap(2).

This kind of implies that noexec would be a "special-purpose" case rather than the norm (as it's definitely not the default), which also implies it's a user-configuration issue rather than a packaging issue. Therefore, and thinking about saving Jan some work, is adding a warning necessary? (e.g. is there other software in the repos that would break with a noexec [/tmp,/var/tmp,/dev/shm], and if so, do any of those contain a warning about a non-default state?)
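
As an added example that is not part of the original message: a small shell check that reports, for the three directories named in the file-hierarchy(7) excerpt, whether the mount holding each one carries nosuid, nodev and noexec. The function names and the sample mount table are constructed for illustration; the input is in /proc/mounts format.

```shell
#!/bin/sh
# Constructed sample in /proc/mounts format:
# device mountpoint fstype options dump pass
sample_mounts() {
cat <<'EOF'
/dev/sda2 / ext4 rw,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,size=4g 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev,noexec 0 0
devtmpfs /dev devtmpfs rw,nosuid,size=4g 0 0
EOF
}

# mount_opts DIR: read a mount table on stdin and print the options of the
# mount that holds DIR. The longest matching mount point wins, so a directory
# without its own mount (here /var/tmp) inherits the flags of its parent.
mount_opts() {
    awk -v dir="$1" '
        BEGIN { best = 0 }
        {
            mp = $2
            if (mp == "/" || dir == mp || index(dir, mp "/") == 1) {
                # ">=" lets a later line for the same mount point override.
                if (length(mp) >= best) { best = length(mp); opts = $4 }
            }
        }
        END { print opts }
    '
}

# has_opt OPTS NAME: succeed if NAME is one of the comma-separated OPTS.
has_opt() {
    case ",$1," in *",$2,"*) return 0 ;; *) return 1 ;; esac
}

# flag_report DIR: read a mount table on stdin, print one summary line.
flag_report() {
    opts=$(mount_opts "$1")
    line="$1"
    for flag in nosuid nodev noexec; do
        if has_opt "$opts" "$flag"; then line="$line $flag=yes"
        else line="$line $flag=no"; fi
    done
    printf '%s\n' "$line"
}

for d in /tmp /var/tmp /dev/shm; do
    sample_mounts | flag_report "$d"
done
```

On a live system, feed the real table instead of the sample, for example `flag_report /tmp < /proc/mounts`.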