[systemd-devel] [PATCH 5/6] mount /run without "noexec"
Kay Sievers
kay.sievers at vrfy.org
Tue May 31 21:04:25 PDT 2011
On Wed, Jun 1, 2011 at 05:46, Harald Hoyer <harald.hoyer at gmail.com> wrote:
> Am 01.06.2011 um 02:29 schrieb Maarten Lankhorst <m.b.lankhorst at gmail.com>:
>> Op 31-05-11 17:06, harald at redhat.com schreef:
>>> From: Harald Hoyer <harald at redhat.com>
>>>
>>>
>>> Signed-off-by: Harald Hoyer <harald at redhat.com>
>> Why do you need exec on /run ?
>>
>> ~Maarten
>
> Or, I would remount it without noexec before pivot_root
I guess we should remove it. As long as we have things /tmp and
/dev/shm exec and writable for everybody, we don't need to
artificially limit /run. There are valid use cases for on-the-fly
scripts/binaries to live in /run.
Kay
More information about the systemd-devel
mailing list