Antw: [EXT] Re: [systemd-devel] Creating executable device nodes in /dev?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


>>> Jarkko Sakkinen <jarkko@xxxxxxxxxx> schrieb am 09.12.2020 um 01:15 in Nachricht

> What's the data that supports having noexec /dev anyway? With root
> access I can then just use something else like /dev/shm mount.
> Has there been out in the wild real world cases that noexec mount
> of would have prevented?
> For me this sounds a lot just something that "feels more secure"
> without any measurable benefit. Can you prove me wrong?

I think the better question is: Why not allow it? I.e.: Why do you want to forbid it?

Event though I wouldn't like it myself, I could even think of noexec /tmp.


[Index of Archives]     [Linux Kernel]     [Linux DVB]     [Asterisk Internet PBX]     [DCCP]     [Netdev]     []     [Util Linux NG]     [Fedora Women]     [ALSA Devel]     [Linux USB]

  Powered by Linux