Skip to content

Commit

Permalink
/dev/, /dev/shm, /tmp
Browse files Browse the repository at this point in the history 
#157 (comment)
  • Loading branch information
@adrelanos
adrelanos committed Dec 29, 2023
1 parent e15596e commit 5b36599
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions usr/share/doc/security-misc/fstab-vm
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,11 @@
proc /proc proc nofail,defaults 0 0

/dev /dev devtmpfs nofail,bind,remount,nosuid,noexec 0 0
#udev /dev devtmpfs defaults,nosuid,noexec 0 0

## noexec optional
/dev/shm /dev/shm tmpfs nofail,nosuid,nodev,noexec 0 0
#tmpfs /dev/shm tmpfs defaults,nosuid,nodev,noexec 0 0

## nodev,nosuid,noexec as per:
## https://www.debian.org/doc/manuals/securing-debian-manual/ch04s10.en.html
Expand All @@ -19,6 +21,7 @@ proc /proc pr

## noexec optional
/tmp /tmp tmpfs nofail,bind,nosuid,nodev,noexec 0 0
#tmpfs /tmp tmpfs defaults,nodev,nosuid,noexec 0 0

/var /var none nofail,bind,nosuid,nodev 0 0

Expand All @@ -32,3 +35,6 @@ proc /proc pr

## noexec optional
/home /home none nofail,bind,nosuid,nodev,noexec 0 0

## TODO:
#/sys

0 comments on commit 5b36599

Please sign in to comment.