shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-21 18:03:41 +03:00
Code

NEWS: start section for 231, with tmpfs.mount option changes (#3576)

Browse Source 
This documents the "add nosuid and nodev options to tmp.mount" change from
commit 2f9df7c96a2.
This commit is contained in:
Martin Pitt 2016-06-22 13:22:47 +02:00 committed by Lennart Poettering
parent 98471bf0fa
commit 5cd118bab0
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
NEWS
View File

@ -1,5 +1,19 @@
systemd System and Service Manager
CHANGES WITH 231:
* When using systemd's default tmp.mount for /tmp, this will now be
mounted with the "nosuid" and "nodev" options. This avoids
privilege escalation attacks that put traps and exploits into /tmp.
However, this might cause some problems if you e. g. put container
images or overlays into /tmp; if you need this, override tmp.mount's
"Options=" with a drop-in, or mount /tmp from /etc/fstab with your
desired options.
Contributions from: ...
— Somewhere, 2016-XX-XX
CHANGES WITH 230:
* DNSSEC is now turned on by default in systemd-resolved (in