[Pkg-sysvinit-devel] Bug#386368: initscripts: please don't mount
/dev/shm noexec
Petter Reinholdtsen
pere at hungry.com
Thu Sep 7 14:36:40 UTC 2006
tags 386368 + wontfix
thanks
[Mario 'BitKoenig' Holbe]
> could you please consider removal of the noexec flag from the /dev/shm
> mount... Mounting it noexec breaks bind-mounts to /tmp on Debian systems
> because dpkg runs files from /tmp (for preconfiguration).
This is not supposed to work. The /dev/shm file system is to be only
used by the shm functions in glibc, as all other use would polute the
name space for shared memory segments. I discovered misuse of
/dev/shm/ in checkroot.sh, and am currently trying to rewrite it to
stay away from /dev/shm/.
> Bind-mounting /dev/shm to /tmp instead of creating a new tmpfs for /tmp
> is far more safe regarding memory-DoS attacks. That's why I think this
> is not that uncommon.
It might not be uncommon, but it has never been supported, is against
the expressed purpose of /dev/shm/, and I will not add noexec back to
support it.
> Here are my fstab entries for virtual filesystems which work quite well
> for months now, just in case it helps you (you don't yet restrict
> /dev/pts for example)...
Yes, I am aware of the /dev/pts/ issue, but I have not tested the
effect of restrictingit, so I have left it behind. I take it from
your report that you have verified that it is ok to mount /dev/pts/
nosuid,noexec? If that is the case, I will add those flags to the
default boot.
Friendly,
--
Petter Reinholdtsen
More information about the Pkg-sysvinit-devel
mailing list