Skip to content

Commit

Permalink
units: add nosuid and nodev options to tmp.mount (#3575)
Browse files Browse the repository at this point in the history 
This makes privilege escalation attacks harder by putting traps and exploits
into /tmp.

https://bugs.debian.org/826377
  • Loading branch information
@martinpitt @poettering
martinpitt authored and poettering committed Jun 22, 2016
1 parent e382c49 commit 2f9df7c
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion units/tmp.mount.m4
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,4 +19,4 @@ After=swap.target
What=tmpfs
Where=/tmp
Type=tmpfs
Options=mode=1777,strictatime
Options=mode=1777,strictatime,nosuid,nodev

0 comments on commit 2f9df7c

Please sign in to comment.