On Tue, Mar 4, 2008 at 12:14 PM, Ed Brown <[EMAIL PROTECTED]> wrote: > Speaking of the NSA guide, another recommendation (besides "remove > unnecessary software") is this: > > (from http://www.nsa.gov/snac/os/redhat/rhel5-guide-i731.pdf) > --------------------------------------------------------------- > 2.2.1.1 Add nodev Option to Non-Root Local Partitions > Edit the file /etc/fstab. The important columns for purposes of this > section are column 2 (mount point), column 3 (filesystem type), and > column 4 (mount options). For any line which satisfies all of the > conditions: > ˆ The filesystem type is ext2 or ext3 > ˆ The mount point is not / > add the text ",nodev" to the list of mount options in column 4. > -------------------------------------------------------------- > > Of course the "list of mount options" in RHEL5 defaults to "defaults", > which according to the man page is: rw, suid, dev, exec, auto, nouser, > and async. > > So, what is the effect of appending 'nodev' to 'defaults', since it > includes 'dev'? Does last-stated option win, or does the list need to > be spelled out if any of the defaults are to be changed?
It appears to win since mount shows it then mounted with nodev. Isn't "defaults" just a placeholder anyway? If you add any options you can drop the defaults can't you and get the same effect? John _______________________________________________ rhelv5-beta-list mailing list rhelv5-beta-list@redhat.com https://www.redhat.com/mailman/listinfo/rhelv5-beta-list
