shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-08-03 08:22:21 +03:00
Code Activity

units: set nodev,nosuid,noexec flags for various secondary API VFS

Browse Source 
A couple of API VFS we mount via .mount units. Let's set the three flags
for those too, just in case.

This is just paranoia, nothing else, but shouldn't hurt.
This commit is contained in:
Lennart Poettering
2019-03-25 19:39:00 +01:00
parent 60a3e982f4
commit 5cb02182fd
5 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
units/dev-mqueue.mount
View File

@ -20,3 +20,4 @@ ConditionCapability=CAP_SYS_ADMIN
What=mqueue
Where=/dev/mqueue
Type=mqueue
Options=nosuid,nodev,noexec

1
units/proc-sys-fs-binfmt_misc.mount
View File

@ -17,3 +17,4 @@ DefaultDependencies=no
What=binfmt_misc
Where=/proc/sys/fs/binfmt_misc
Type=binfmt_misc
Options=nosuid,nodev,noexec

1
units/sys-fs-fuse-connections.mount
View File

@ -22,3 +22,4 @@ Before=sysinit.target
What=fusectl
Where=/sys/fs/fuse/connections
Type=fusectl
Options=nosuid,nodev,noexec

1
units/sys-kernel-config.mount
View File

@ -21,3 +21,4 @@ Before=sysinit.target
What=configfs
Where=/sys/kernel/config
Type=configfs
Options=nosuid,nodev,noexec

1
units/sys-kernel-debug.mount
View File

@ -20,3 +20,4 @@ Before=sysinit.target
What=debugfs
Where=/sys/kernel/debug
Type=debugfs
Options=nosuid,nodev,noexec