Apt doesn't handle when /tmp is mounted noexec
Bug #544693 reported by
Charles Burns
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apt (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Mounting /tmp noexec is a somewhat common practice for security reasons. Many script kiddies will paste code they found into /tmp somehow, compile it, and run it.
Apt doesn't seem to handle this at all, either through checks to see if /tmp is mounted "exec", or through warnings to the user.
Sample output while installing "linux-
/usr/sbin/
/usr/sbin/
/usr/sbin/
To post a comment you must log in.
This seems to be known behavior. See http:// www.debian- administration. org/article/ Making_ /tmp_non- executable for more info. That link suggest adding
DPkg::Pre- Invoke{ "mount -o remount,exec /tmp";};
DPkg::Post-Invoke {"mount -o remount /tmp";};
to /etc/apt/apt.conf so that /tmp is temporarily remounted as executable before packages are installed.