mirror of
https://github.com/systemd/systemd-stable.git
synced 2025-09-01 14:17:37 +03:00
units: add nosuid and nodev options to tmp.mount (#3575)
This makes privilege escalation attacks harder by putting traps and exploits into /tmp. https://bugs.debian.org/826377
This commit is contained in:
Martin Pitt
committed by
Lennart Poettering
Lennart Poettering
parent
e382c49f1d
commit
2f9df7c96a
@ -19,4 +19,4 @@ After=swap.target
|
|||||||
What=tmpfs
|
What=tmpfs
|
||||||
Where=/tmp
|
Where=/tmp
|
||||||
Type=tmpfs
|
Type=tmpfs
|
||||||
Options=mode=1777,strictatime
|
Options=mode=1777,strictatime,nosuid,nodev
|
||||||
|
|||||||
Reference in New Issue
Block a user