mirror of
https://github.com/systemd/systemd
synced 2024-07-21 10:17:21 +00:00
units: add nosuid and nodev options to tmp.mount (#3575)
This makes privilege escalation attacks harder by putting traps and exploits into /tmp. https://bugs.debian.org/826377
This commit is contained in:
parent
e382c49f1d
commit
2f9df7c96a
|
@ -19,4 +19,4 @@ After=swap.target
|
|||
What=tmpfs
|
||||
Where=/tmp
|
||||
Type=tmpfs
|
||||
Options=mode=1777,strictatime
|
||||
Options=mode=1777,strictatime,nosuid,nodev
|
||||
|
|
Loading…
Reference in a new issue