Re: noexec on /dev/shm

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Dec 14, 2010 at 02:25:38PM +0000, Richard W.M. Jones wrote:
> I think it's very reasonable to want to edit /etc/fstab to change the
> default mount options of these filesystems.  Suppose that /dev/shm
> defaults to allowing suid and exec.  At some point in the future a
> security problem is found which can be worked around by temporarily
> setting nosuid on /dev/shm (while the real issue is fixed).  An
> administrator can't do that without recompiling systemd.

I'm not sure there's a win in having systemd do magic rather than just using
fstab -- reminds me of IRIX and its auto-mounting of some but not all swap
partitions. (Yay newbie admin confusion!)

But if there's a good technical reason, it still seems reasonable to let
/etc/fstab override the defaults.


-- 
Matthew Miller <mattdm@xxxxxxxxxx>
Senior Systems Architect -- Instructional & Research Computing Services
Harvard School of Engineering & Applied Sciences
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux