Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I tend to agree with you about the "generic secure setup". The problem with making read only some parts of the file system, as other persons said too, is when a legit application will want to access those locations, a better solution is to remove execute rights on the desired locations.


Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: