Date: Wed, 7 Sep 2011 13:49:45 +0400
From: Vasiliy Kulikov <segoon@...nwall.com>
To: owl-dev@...ts.openwall.com
Subject: Re: /tmp fs type

Solar,

On Wed, Sep 07, 2011 at 13:36 +0400, Solar Designer wrote:
> On Wed, Sep 07, 2011 at 01:15:56PM +0400, Vasiliy Kulikov wrote:
> > While we have an option to set up /tmp as tmpfs,
> 
> This is more than just an option - this is the current default.  And if
> an admin overrides this default, then presumably they know what they're
> doing.

Maybe, but often the fs type for /tmp is chosen not for security
considerations, but for performance or robustness.

> > we probably should
> > support bind mounts for /tmp (and /home?) to deny creating links to sxid
> > binaries:
> 
> /tmp is already a separate filesystem.  As to /home, maybe.  But we're
> planning to (re-)harden the kernel anyway, so why bother with partial
> workarounds in userspace?  Just in case someone runs Owl userland with a
> non-Owl kernel?

How does the hardlink hardening protect against hardlinking into /home?


> And what do you mean by "supporting" bind mounts?  Aren't they already
> supported (with a trivial edit to fstab)?  Do you mean an installer
> feature?  If so, I see no reason to provide it if it's just for those
> who would use a non-Owl kernel - that is, people who are willing to
> customize the system on their own.

I mean the Owl 3.0 system installer with the default kernel.  We don't plan
to backport kernel hardening stuff to 3.0, do we?  As to /home, Owl 4.0
would benefit too.

Thanks,

-- 
Vasiliy
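
The bind-mount idea discussed in this thread relies on link(2) failing with EXDEV across mount points, even when both mounts expose the same underlying filesystem. The following is an added example, not code from the thread or from Owl: it reports which user-writable directories still share a mount with directories holding sxid binaries. The mountinfo sample and the directory lists are constructed assumptions.

```python
import os

# Constructed sample in /proc/self/mountinfo format (not from a real host):
# /tmp is tmpfs, /home is bind-mounted onto itself, /var/tmp is a plain
# directory on the root filesystem.
SAMPLE_MOUNTINFO = """\
20 1 8:1 / / rw,relatime - ext4 /dev/sda1 rw
21 20 0:5 / /proc rw,nosuid - proc proc rw
22 20 0:30 / /tmp rw,nosuid,nodev - tmpfs tmpfs rw
23 20 8:1 /home /home rw,relatime - ext4 /dev/sda1 rw
"""

def parse_mounts(text):
    """Return {mount_point: mount_id}; a later entry shadows an earlier one."""
    mounts = {}
    for line in text.splitlines():
        fields = line.split()
        # Field 5 is the mount point; "-" separates the optional fields.
        # Octal escapes such as \040 in paths are not decoded here.
        if len(fields) >= 7 and "-" in fields:
            mounts[fields[4]] = fields[0]
    return mounts

def mount_of(path, mounts):
    """Return the longest mount point that contains path."""
    path = os.path.normpath(path)
    best = None
    for mp in mounts:
        if path == mp or path.startswith(mp.rstrip("/") + "/"):
            if best is None or len(mp) > len(best):
                best = mp
    return best

def shared_with_sxid(writable_dirs, sxid_dirs, mounts):
    """Map each writable dir to the sxid dirs reachable by link(2) from it."""
    report = {}
    for wdir in writable_dirs:
        wmount = mount_of(wdir, mounts)
        report[wdir] = [s for s in sxid_dirs if mount_of(s, mounts) == wmount]
    return report

if __name__ == "__main__":
    # Assumed directory lists; adjust to the system being audited.
    result = shared_with_sxid(["/tmp", "/home", "/var/tmp"],
                              ["/bin", "/usr/bin"],
                              parse_mounts(SAMPLE_MOUNTINFO))
    for wdir, exposed in result.items():
        print(wdir, "shares a mount with:", ", ".join(exposed) or "nothing")
```

On a live system, pass the contents of /proc/self/mountinfo to `parse_mounts` instead of the sample.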
