> Hi,
>
> I have noticed that very usefull mount option 'noexec' have no meaning
> for XFS. Am I wrong ? (Probably same for option 'nodev').
> If no, could I ask when it will be implemented ?
>
> (For security reasons I doesnt allow for execution of files from /home /var
> /tmp
> filesystems, so for me lack of this option is a big problem. I know that
> there are
> workarounds, bu I know also that number of peoples knowing how to do this
> is very small, so 'noexec, nodev' are usefull security tool.)
>
> Regards,
> Blizbor
Try the CVS tree, it appears to work there:
[root@lord /]# mount -o noexec /dev/sda5 /xfs
[root@lord /]# cd /xfs
[root@lord /xfs]# ls
client.txt lord NBSIMULD redhat tmp
[root@lord /xfs]# cp /bin/ls .
[root@lord /xfs]# ls -l
total 4076
-rw-r--r-- 1 root root 4119297 May 19 09:32 client.txt
drwxr-xr-x 3 lord root 16 May 21 10:04 lord
-rwxr-xr-x 1 root root 45724 May 21 18:20 ls
drwx------ 3 root root 4096 May 19 09:37 NBSIMULD
drwxr-xr-x 7 root root 67 May 21 15:30 redhat
drwxr-xr-x 2 root root 6 May 21 17:33 tmp
[root@lord /xfs]# ./ls
bash: ./ls: Permission denied
[root@lord /xfs]#
Steve
|