shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-01-11 09:18:07 +03:00
Code

mount-setup: make /dev noexec

Browse Source 
/dev used to be mounted with "exec" flag due to /dev/MAKEDEV script but that's
history and it's now located in /sbin. mmap() with file descriptor to
"/dev/zero" (instead of modern mmap(,,,MAP_ANON...))  will still work.
This commit is contained in:
Topi Miettinen 2020-03-07 21:19:09 +02:00 committed by Zbigniew Jędrzejewski-Szmek
parent e9cdcbed77
commit 3b5b6826aa
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/core/mount-setup.c
View File

@ -64,7 +64,7 @@ static const MountPoint mount_table[] = {
NULL, MNT_FATAL|MNT_IN_CONTAINER },
{ "proc", "/proc", "proc", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
NULL, MNT_FATAL|MNT_IN_CONTAINER },
{ "devtmpfs", "/dev", "devtmpfs", "mode=755", MS_NOSUID|MS_STRICTATIME,
{ "devtmpfs", "/dev", "devtmpfs", "mode=755", MS_NOSUID|MS_NOEXEC|MS_STRICTATIME,
NULL, MNT_FATAL|MNT_IN_CONTAINER },
{ "securityfs", "/sys/kernel/security", "securityfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
NULL, MNT_NONE },