Your message dated Tue, 29 May 2012 12:23:22 -0400 with message-id <20120529162322.GA31919@gnu.kitenet.net> and subject line closing, noexec etc is the default has caused the Debian Bug report #378984, regarding fstab default /proc entry nosuid to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 378984: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=378984 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: fstab default /proc entry nosuid
- From: maximilian attems <maks@sternwelten.at>
- Date: Thu, 20 Jul 2006 13:23:54 +0200
- Message-id: <20060720112354.27660.14689.reportbug@nancy>
Package: partman-target Version: 44 Severity: normal Tags: patch please apply belows patch, to add the /proc line to fstab with nosuid. rationale: setuid and setgid bits have nothing lost in /proc, nice workaround for kernel /proc vulnerability, see suggested at the lwn.net article: http://lwn.net/SubscriberLink/191954/dfb24a687f9b032e/ Index: finish.d/create_fstab_header =================================================================== --- finish.d/create_fstab_header (revision 39223) +++ finish.d/create_fstab_header (working copy) @@ -9,4 +9,4 @@ printf "%-15s %-15s %-7s %-15s %-7s %s\n" '# <file system>' '<mount point>' '<type>' '<options>' '<dump>' '<pass>' >> /target/etc/fstab -printf "%-15s %-15s %-7s %-15s %-7s %s\n" proc /proc proc defaults 0 0 >> /target/etc/fstab +printf "%-15s %-15s %-7s %-15s %-7s %s\n" proc /proc proc defaults,nosuid 0 0 >> /target/etc/fstab -- maks -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17-1-686 Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
--- End Message ---
--- Begin Message ---
- To: 378984-done@bugs.debian.org
- Subject: closing, noexec etc is the default
- From: Joey Hess <joeyh@debian.org>
- Date: Tue, 29 May 2012 12:23:22 -0400
- Message-id: <20120529162322.GA31919@gnu.kitenet.net>
mountkernfs mounts /proc with the requested options by default, so d-i does not need to do anything. I have /proc with defaults in fstab and still get this: proc on /proc type proc (rw,nosuid,nodev,noexec,relatime) -- see shy joAttachment: signature.asc
Description: Digital signature
--- End Message ---