Re: RFC: Remove write permissions from executables

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Richard Zidlicky <rz@xxxxxxxxxxxxxx> writes:

> Mounting the fs read only is much easier and safer - and has long tradition.

This is not feasible as a distribution policy. You can't guarantee that
/usr/bin is on its own partition so you can mount it read only. The only
way to achieve it would be creative use of mount --bind, something which
certainly goes against tradition.

Also, the advantage of the proposed change was that it would not affect
e.g. yum upgrade. Creative use of mount --bind could perhaps achieve the
same result, but not in a way which I consider sane.

All in all I think it's a shame that the original proposal didn't work
out at this time. Having binaries owned by bin:bin does have Unix (but
not Linux AFAIK) tradition behind it.


/Benny

-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux