[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Did you know ...

To: silug-discuss@silug.org
Subject: Re: Did you know ...
From: Steven Pritchard <steve@silug.org>
Date: Wed, 28 Feb 2001 07:42:22 -0600 (CST)
In-Reply-To: <Pine.LNX.4.21.0102271120350.16521-100000@mtvernon1.accessus.net>"from Tighe at Feb 27, 2001 11:23:17 am"
Organization: Southern Illinois Linux Users Group
Reply-To: silug-discuss@silug.org
Sender: owner-silug-discuss@silug.org

Tighe said:
> You might also want to add the nosuid tag to those and the /home
> mount options.  Just a thought.

nosuid,nodev can be nice for /tmp.  It'll slow down the script
kiddies.  (I've been told that some things break if you use noexec.)
noexec on /home is a pain, but nosuid is OK.

Now that I think about it, something like this should work:

LABEL=/            /                       ext2    defaults               1 1
LABEL=/usr         /usr                    ext2    rw,nodev               1 2
LABEL=/var         /var                    ext2    rw,nosuid,noexec,nodev 1 2
LABEL=/var/spool   /var/spool              ext2    rw,nosuid,noexec,nodev 1 2
LABEL=/var/log     /var/log                ext2    rw,nosuid,noexec,nodev 1 2
LABEL=/tmp         /tmp                    ext2    rw,nosuid,nodev        1 2
LABEL=/home        /home                   ext2    rw,nosuid,nodev        1 2

If anyone wants to try it, let us know what breaks.  :-)

Steve
-- 
steve@silug.org           | Southern Illinois Linux Users Group
(618)398-7320             | See web site for meeting details.
Steven Pritchard          | http://www.silug.org/
-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.

Follow-Ups:
- Re: Did you know ...
  - From: Tighe <emry@accessus.net>

References:
- Re: Did you know ...
  - From: Tighe <emry@accessus.net>

Prev by Date: OT : Configuaration Management
Next by Date: Re: Did you know ...
Prev by thread: Re: Did you know ...
Next by thread: Re: Did you know ...
Index(es):
- Date
- Thread