Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: Paul de Vrieze <pauldv@g.o>
Subject: Re: mount noexec and ro
Date: Sat, 04 Nov 2006 20:03:23 +0100
On Saturday 04 November 2006 17:27, Joe Knall wrote:
> correct, it's atually like this
> /srv/www type ext3 (ro,nosuid,nodev,acl,user_xattr)
> /srv/www/data type ext3 (rw,noexec,nosuid,acl,user_xattr)
>
> but I need a /dev, currently data/dev with null and urandom there,
> writeable and not nodev (could as well be a separate partition).
> Do you think this turns all the rest in vain?

Nodev is mainly for those situations where you may not have full control over 
the disk (like usb sticks). But the ability to have devices will mean that 
those who can make devices can abuse them.

Paul

-- 
Paul de Vrieze
Gentoo Developer
Mail: pauldv@g.o
Homepage: http://www.devrieze.net
Attachment:
pgpYNNWowjaXf.pgp (PGP signature)
Replies:
Re: mount noexec and ro
-- Miguel Angel Tormo Alfaro
References:
mount noexec and ro
-- Joe Knall
Re: mount noexec and ro
-- Paul de Vrieze
Re: mount noexec and ro
-- Joe Knall
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: mount noexec and ro
Next by thread:
Re: mount noexec and ro
Previous by date:
Re: Re: Mini Gentoo in VMWare
Next by date:
Re: [gentoo-hardened] Re: Mini Gentoo in VMWare


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.