This also applies to /var/tmp/ and to /dev/shm/ Temporary storage directories such as /tmp and /dev/shm potentially provide storage space for malicious exe- cutables. Although mount options options cannot prevent interpreted code stored there from getting executed by a program in another partition, using certain mount options can be disruptive to malicious code.
CCE 14412-1, 14940-1, 14927-8 http://www.nsa.gov/ia/_files/os/redhat/rhel5-guide-i731.pdf Section 2.2.1.3 ** Package changed: ubuntu => debian-installer (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/304959 Title: /tmp should be mounted noexec,nosuid To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/debian-installer/+bug/304959/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
