Date: Wed, 7 Sep 2011 14:19:28 +0400 From: Solar Designer <solar@...nwall.com> To: owl-dev@...ts.openwall.com Subject: Re: /tmp fs type On Wed, Sep 07, 2011 at 01:49:45PM +0400, Vasiliy Kulikov wrote: > Maybe, but often fs type for /tmp is chosen not from security > considerations, but performance or robustness. Wouldn't tmpfs be the best choice under those considerations as well? OK, I imagine someone might opt to have on-disk /tmp if it needs to be larger than the machine's virtual memory size. > How does the hardlink hardening protect against hardlinking into /home? By not letting a user create hard links to files that they don't have write permissions for. > I mean Owl 3.0 system installer with the default kernel. We don't plan > to backport kernel hardening stuff to 3.0, do we? We might. > As to /home, Owl 4.0 would benefit too. Why/how? Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.