diff options
author | Martin Pitt <martin.pitt@ubuntu.com> | 2016-06-22 12:32:59 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2016-06-22 12:32:59 +0200 |
commit | 2f9df7c96a25adb42093ee3ee201577f3e01da42 (patch) | |
tree | c8388097e3ef6a517d793674a45a65fa3fcf6f55 | |
parent | e382c49f1dfe172cc14651fd0908da6ebf12ef53 (diff) |
units: add nosuid and nodev options to tmp.mount (#3575)
This makes privilege escalation attacks harder by putting traps and exploits
into /tmp.
https://bugs.debian.org/826377
-rw-r--r-- | units/tmp.mount.m4 | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/units/tmp.mount.m4 b/units/tmp.mount.m4 index 1448bd268a..0baecfd22f 100644 --- a/units/tmp.mount.m4 +++ b/units/tmp.mount.m4 @@ -19,4 +19,4 @@ After=swap.target What=tmpfs Where=/tmp Type=tmpfs -Options=mode=1777,strictatime +Options=mode=1777,strictatime,nosuid,nodev |