[Bug 1152744] Re: mountall is lying about /run's noexec

[Marc Deslauriers]

it's more security hardening than an actual vulnerability, and even then
then only reason it got fixed is because the mtab was listing it wrong.
If an administrator is specifically mounting certain partitions noexec,
they may have been thinking that /run was noexec also even though it
wasn't.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/1152744

Title:
  mountall is lying about /run's noexec

Status in “initramfs-tools” package in Ubuntu:
  Fix Released
Status in “initramfs-tools” source package in Precise:
  Fix Released
Status in “initramfs-tools” source package in Quantal:
  Fix Released
Status in “initramfs-tools” source package in Saucy:
  Fix Released
Status in “initramfs-tools” source package in Trusty:
  Fix Released

Bug description:
  It looks like /run got mounted without noexec and the mtab write lies
  about it:

  $ grep -m1 /run /etc/mtab /proc/mounts 
  /etc/mtab:tmpfs /run tmpfs rw,noexec,nosuid,size=10%,mode=0755 0 0
  /proc/mounts:tmpfs /run tmpfs rw,nosuid,relatime,size=1618980k,mode=755 0 0

  For completeness, /run should _actually_ be mounted noexec, even if
  it's root:root 0755.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/1152744/+subscriptions