[Bug 304959] Re: /tmp should be mounted noexec,nosuid
Fred
304959 at bugs.launchpad.net
Wed Aug 22 17:52:03 UTC 2012
This also applies to /var/tmp/ and to /dev/shm/
Temporary storage directories such as /tmp and /dev/shm potentially provide storage space for malicious exe-
cutables. Although mount options options cannot prevent interpreted code stored there from getting executed
by a program in another partition, using certain mount options can be disruptive to malicious code.
CCE 14412-1, 14940-1, 14927-8
http://www.nsa.gov/ia/_files/os/redhat/rhel5-guide-i731.pdf
Section 2.2.1.3
** Package changed: ubuntu => debian-installer (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to debian-installer in Ubuntu.
https://bugs.launchpad.net/bugs/304959
Title:
/tmp should be mounted noexec,nosuid
Status in “debian-installer” package in Ubuntu:
Invalid
Bug description:
Many vulnerabilities involve the attacker somehow getting a file into
/tmp then executing it. A way to mitigate the risk of such an attack
is to mount /tmp noexec,nosuid. This security is especially important
on web servers.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/debian-installer/+bug/304959/+subscriptions
More information about the foundations-bugs
mailing list