Re: Re: Mounting /dev/shm noexec

2020-10-05 Thread Michael Biebl
Also related https://github.com/systemd/systemd/pull/17238#discussion_r499375614

Re: Mounting /dev/shm noexec

2020-10-04 Thread Valter Jaakkola
Hi, and thank you all for the great replies! So I added the following line to fstab:

    tmpfs /dev/shm tmpfs rw,nosuid,nodev,noexec 0 0

and it works, just as you said it would. No second /dev/shm popping up or other stuff I had assumed. (I'm not sure if it now takes a second longer for the

Re: Mounting /dev/shm noexec

2020-10-02 Thread Steve McIntyre
Andy Smith wrote:
...
> Though note that it seems systemd once did use "noexec" for /dev/shm
> but stopped 10 years ago because it broke some uses of mmap:
>
> https://github.com/systemd/systemd/commit/501c875bffaef3263ad42c32485c7fde41027175

libffi also has a habit of using /dev/shm for

Re: Mounting /dev/shm noexec

2020-10-02 Thread Andy Smith
Hello,

On Fri, Oct 02, 2020 at 10:35:51PM +0300, Valter Jaakkola wrote:
> So where can I change the mounting parameters of /dev/shm, or otherwise arrange
> it so that /dev/shm is noexec already at/after boot?
>
> (Out of curiosity, where is /dev/shm mounted from?)

I think from systemd:

Re: Mounting /dev/shm noexec

2020-10-02 Thread Sven Joachim
few other directories where users can typically write to and execute binaries, though: /tmp, /var/tmp, $HOME, /run/user/$USER.

> The problem for me is mounting /dev/shm noexec -- I can't find where to do it. I
> couldn't find a lot of information about this on the internet. The few

Re: Mounting /dev/shm noexec

2020-10-02 Thread deloptes
Valter Jaakkola wrote:
> So where can I change the mounting parameters of /dev/shm, or otherwise
> arrange it so that /dev/shm is noexec already at/after boot?
>
> (Out of curiosity, where is /dev/shm mounted from?)

perhaps you are looking for tmpfs settings

At least here it is mounted as tmpfs

Mounting /dev/shm noexec

2020-10-02 Thread Valter Jaakkola
is not(?) an ordinary filesystem where one could save files and execute them, right? (Or so it appears to me after some experimentation and reading.) The problem for me is mounting /dev/shm noexec -- I can't find where to do it. I couldn't find a lot of information about this on the internet. The few