Red Hat Bugzilla – Bug 199041
Mount /proc with nosuid,noexec flags by defaulf
Last modified: 2007-11-30 17:11:37 EST
Description of problem:
Maybe /proc should be mounted by default with noexec,nosuid flags? This can
increase security in some way.
Steps to Reproduce:
1. grep proc /etc/fstab
The initramfs mounts proc. Of course, if this is that important, why not just
set it that way *in the kernel*?
The linux-2.6-defaults-* patches are really starting to pile up.
If you feel strongly about this issue, argue it upstream in
http://bugzilla.kernel.org or firstname.lastname@example.org