Am 01.02.2017 um 11:02 schrieb Hoyer, Marko (ADITG/SW2):
a tiny question:

- Is there any reason why the mount points /run and /dev/shm do not have
MS_NOEXEC flags set?

We like to remove execution capabilities from all volatile areas that
are writeable to users for security reasons

it's all not that easy - see and and i am pretty sure other pieces would break on case of noexec SHM (yes i know that these bugreports are not about SHM, they are just a example)

systemd-devel mailing list

Reply via email to