Re: nosuid option for '/'?

To: debian-user@lists.debian.org
Subject: Re: nosuid option for '/'?
From: "Matus \"fantomas\" Uhlar" <uhlar@fantomas.sk>
Date: Sun, 17 Oct 1999 15:15:59 +0200
Message-id: <[🔎] 19991017151558.B18704@fantomas.fantomas.sk>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 19991012165829.B19609@dlitz>; from Dwayne C . Litzenberger on Tue, Oct 12, 1999 at 04:58:29PM -0600
References: <[🔎] 19991012012632.B1122@luvmusl.net> <[🔎] 19991012165829.B19609@dlitz>

-> > And if nosuid is
-> > a good thing for this system, can it be implemented for the
-> > /home directories only, without doing it for the whole / directory? 
-> 
-> Being that nosuid is a mount option, this would be quite easy to do if
-> your /home was a separate partition, which I assume it is not.

/ should NOT be mounted nosuid. but you can mount filesystems as /tmp /home
and /var as noexec (the only problem will be with /var/lib/dpkg where dpkg
unpacks preinstall and postinstall scripts)


-- 
 Matus "fantomas" Uhlar, sysadmin at NEXTRA, Slovakia; IRC admin of *.sk
 uhlar@fantomas.sk; http://www.fantomas.sk/; http://www.nextra.sk/
 LSD will make your ECS screen display 16.7 million colors

Reply to:

References:
- nosuid option for '/'?
  - From: Art Lemasters <alemas@rmi.net>
- Re: nosuid option for '/'?
  - From: "Dwayne C . Litzenberger" <dlitz@cheerful.com>

Prev by Date: nfs + setgid problem
Next by Date: Re: anyone use FireMail?
Previous by thread: Re: nosuid option for '/'?
Next by thread: Re: nosuid option for '/'?
Index(es):
- Date
- Thread