Date:      Thu, 12 May 2005 13:00:30 GMT
From:      Giorgos Keramidas <keramida@freebsd.org>
To:        freebsd-bugs@FreeBSD.org
Subject:   Re: conf/80907: tmpmfs default change
Message-ID:  <200505121300.j4CD0UN6098056@freefall.freebsd.org>


The following reply was made to PR conf/80907; it has been noted by GNATS.

From: Giorgos Keramidas <keramida@freebsd.org>
To: Caitlen <aeonflux@aeonflux.no-ip.com>
Cc: bug-followup@freebsd.org
Subject: Re: conf/80907: tmpmfs default change
Date: Thu, 12 May 2005 15:59:12 +0300

 On 2005-05-11 17:38, Caitlen <aeonflux@aeonflux.no-ip.com> wrote:
 > by default
 > tmpmfs_flags="-S"
 > When in reality
 > tmpmfs_flags="-S -o nosymfollow,nosuid"
 >
 > would be much safer
 
 I don't think this is really a bug, but anyway.  It would probably be
 safer to use:
 
 	tmpmfs_flags="-S -o noatime,noexec,nosuid,nosymfollow"
 
 The ability to actually *use* whatever options are best for your system
 is exactly why I made the original change to rc.d/tmp, but I'm not sure
 if it would be good to enforce such strict permissions on everyone :-/
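
An added example, not part of the original e-mail or of FreeBSD's rc.d scripts: a small audit that reports which of the restrictive mount options named in this thread are absent from a given `tmpmfs_flags` value. The function names and the `REQUIRED_OPTS` set are assumptions made for illustration; `noatime` is left out because it does not restrict anything.

```shell
#!/bin/sh
# Options treated as required for /tmp (assumption, taken from the reply above).
REQUIRED_OPTS="noexec nosuid nosymfollow"

# Print every mount option passed with -o in a flags string, one per line.
# Accepts "-o a,b", "-oa,b" and repeated -o arguments. Runs in a subshell
# so that "set -f" and "set --" do not leak into the caller.
list_mount_opts() (
    set -f                      # no globbing while word-splitting the flags
    set -- $1
    while [ $# -gt 0 ]; do
        case "$1" in
            -o)  if [ $# -gt 1 ]; then
                     printf '%s\n' "$2" | tr ',' '\n'
                     shift
                 fi ;;
            -o*) printf '%s\n' "${1#-o}" | tr ',' '\n' ;;
        esac
        shift
    done
)

# Print the required options missing from the flags string, space separated.
# Empty output means every required option is present.
missing_tmp_opts() {
    have=$(list_mount_opts "$1")
    missing=""
    for opt in $REQUIRED_OPTS; do
        if ! printf '%s\n' "$have" | grep -qx "$opt"; then
            missing="${missing:+$missing }$opt"
        fi
    done
    printf '%s' "$missing"
}

# The three values quoted in this thread.
for flags in "-S" \
             "-S -o nosymfollow,nosuid" \
             "-S -o noatime,noexec,nosuid,nosymfollow"; do
    printf 'tmpmfs_flags="%s"\n  missing: %s\n' "$flags" \
        "$(missing_tmp_opts "$flags")"
done
```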
 


