FreeBSD Bugzilla – Attachment 80927 Details for
Bug 115981
[patch] nodev mount option should be removed from documentation
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
file.diff
file.diff (text/plain), 2.55 KB, created by
Craig Rodrigues
on 2007-08-31 20:10:02 UTC
(
hide
)
Description:
file.diff
Filename:
MIME Type:
Creator:
Craig Rodrigues
Created:
2007-08-31 20:10:02 UTC
Size:
2.55 KB
patch
obsolete
>Index: articles/hubs/article.sgml >=================================================================== >RCS file: /home/ncvs/doc/en_US.ISO8859-1/articles/hubs/article.sgml,v >retrieving revision 1.64 >diff -u -r1.64 article.sgml >--- articles/hubs/article.sgml 30 Jun 2007 09:42:35 -0000 1.64 >+++ articles/hubs/article.sgml 31 Aug 2007 18:57:09 -0000 >@@ -379,7 +379,7 @@ > Here is an excerpt from <filename>/etc/fstab</filename>, > how to set up such a MFS: > <programlisting> >-/dev/da0s1b /anoncvstmp mfs rw,-s=786432,-b=4096,-f=512,-i=560,-c=3,-m=0,nosuid,nodev 0 0 >+/dev/da0s1b /anoncvstmp mfs rw,-s=786432,-b=4096,-f=512,-i=560,-c=3,-m=0,nosuid 0 0 > </programlisting> > This is (of course) tuned a lot, and was suggested by &a.jdp;. > </para> >Index: books/handbook/basics/chapter.sgml >=================================================================== >RCS file: /home/ncvs/doc/en_US.ISO8859-1/books/handbook/basics/chapter.sgml,v >retrieving revision 1.148 >diff -u -r1.148 chapter.sgml >--- books/handbook/basics/chapter.sgml 6 Jul 2007 07:29:55 -0000 1.148 >+++ books/handbook/basics/chapter.sgml 31 Aug 2007 18:57:52 -0000 >@@ -1630,15 +1630,6 @@ > > <variablelist> > <varlistentry> >- <term>nodev</term> >- >- <listitem> >- <para>Do not interpret special devices on the >- file system. This is a useful security option.</para> >- </listitem> >- </varlistentry> >- >- <varlistentry> > <term>noexec</term> > > <listitem> >Index: books/handbook/security/chapter.sgml >=================================================================== >RCS file: /home/ncvs/doc/en_US.ISO8859-1/books/handbook/security/chapter.sgml,v >retrieving revision 1.313 >diff -u -r1.313 chapter.sgml >--- books/handbook/security/chapter.sgml 5 Jul 2007 11:00:48 -0000 1.313 >+++ books/handbook/security/chapter.sgml 31 Aug 2007 18:59:07 -0000 >@@ -712,9 +712,8 @@ > > <para>If you have a huge amount of user disk space, it may take too > long to run through every file on those partitions. In this case, >- setting mount flags to disallow suid binaries and devices on those >- partitions is a good idea. The <literal>nodev</literal> and >- <literal>nosuid</literal> options (see &man.mount.8;) are what you >+ setting mount flags to disallow suid binaries is a good idea. >+ The <literal>nosuid</literal> option (see &man.mount.8;) is what you > want to look into. You should probably scan them anyway, at least > once a week, since the object of this layer is to detect a break-in > attempt, whether or not the attempt succeeds.</para>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=80927">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 115981
: 80927