svn commit: r41813 - head/en_US.ISO8859-1/books/handbook/basics

Tom Rhodes trhodes at FreeBSD.org
Wed Jun 5 00:32:56 UTC 2013 

On Mon, 3 Jun 2013 23:24:38 +0200
Eitan Adler <eadler at freebsd.org> wrote:

> On 3 June 2013 16:24, Chris Rees <utisoft at gmail.com> wrote:
> >
> > On 3 Jun 2013 13:50, "Eitan Adler" <eadler at freebsd.org> wrote:
> >>
> >> On 3 June 2013 13:55, Tom Rhodes <trhodes at freebsd.org> wrote:
> >> > On Sat, 1 Jun 2013 15:44:45 +0000 (UTC)
> >> > Eitan Adler <eadler at FreeBSD.org> wrote:
> >> >
> >> >> Author: eadler
> >> >> Date: Sat Jun  1 15:44:45 2013
> >> >> New Revision: 41813
> >> >> URL: http://svnweb.freebsd.org/changeset/doc/41813
> >> >>
> >> >> Log:
> >> >>   The man page for mount(1) and the handbook disagree on the security
> >> >> value of 'noexec'.  The man page is correct.
> >> >>
> >> >> Modified:
> >> >>   head/en_US.ISO8859-1/books/handbook/basics/chapter.xml
> >> >>
> >> >> Modified: head/en_US.ISO8859-1/books/handbook/basics/chapter.xml
> >> >>
> >> >> ==============================================================================
> >> >> --- head/en_US.ISO8859-1/books/handbook/basics/chapter.xml    Sat Jun
> >> >> 1 15:37:57 2013        (r41812)
> >> >> +++ head/en_US.ISO8859-1/books/handbook/basics/chapter.xml    Sat Jun
> >> >> 1 15:44:45 2013        (r41813)
> >> >> @@ -1790,15 +1790,6 @@ root     5211  0.0  0.2  3620  1724   2
> >> >>
> >> >>        <variablelist>
> >> >>       <varlistentry>
> >> >> -       <term>noexec</term>
> >> >> -
> >> >> -       <listitem>
> >> >> -         <para>Do not allow execution of binaries on this file
> >> >> -           system.  This is also a useful security option.</para>
> >> >> -       </listitem>
> >> >> -     </varlistentry>
> >> >> -
> >> >> -     <varlistentry>
> >> >>         <term>nosuid</term>
> >> >>
> >> >>         <listitem>
> >> >
> >> > Why not fix rather than remove?
> >>
> >> This is not really a 'common' mount option to use.
> >
> > I use it on /tmp all the time; isn't it a nice thing to explain?
> 
> It is useful to avoid mistakes as the man page says ' This option is
> useful for a server that has file systems containing binaries for
> architectures other than its own.'
> I think explaining noatime is more important than explaining noexec.
> That said, this is a bikeshed argument.  Please feel free to add a
> proper explanation of when noexec should be used.  I will have no
> objection to that.
> 

It's ok, I'll fix your commit in the ISBN branch and we can merge
it over later.

--
Tom Rhodes

More information about the svn-doc-head mailing list