>>> Jarkko Sakkinen <jarkko@xxxxxxxxxx> schrieb am 09.12.2020 um 01:15 in Nachricht <20201209001521.GA64007@xxxxxxxxxx>: ... > > What's the data that supports having noexec /dev anyway? With root > access I can then just use something else like /dev/shm mount. > > Has there been out in the wild real world cases that noexec mount > of would have prevented? > > For me this sounds a lot just something that "feels more secure" > without any measurable benefit. Can you prove me wrong? I think the better question is: Why not allow it? I.e.: Why do you want to forbid it? Event though I wouldn't like it myself, I could even think of noexec /tmp. Regards, Ulrich
