mirror of
https://github.com/Kicksecure/security-misc.git
synced 2025-05-02 11:36:07 -04:00
fix
This commit is contained in:
parent
f440209738
commit
eb90d38d8c
1 changed files with 4 additions and 14 deletions
|
@ -170,13 +170,13 @@ _dev_shm() {
|
|||
}
|
||||
|
||||
_tmp() {
|
||||
mount_folder="/tmp"
|
||||
mount_folder="$NEWROOT/tmp"
|
||||
intended_mount_options="nosuid,nodev${noexec_maybe}"
|
||||
remount_secure "$@"
|
||||
}
|
||||
|
||||
_var() {
|
||||
mount_folder="/var"
|
||||
mount_folder="$NEWROOT/var"
|
||||
## TODO: nodev? noexec?
|
||||
intended_mount_options="nosuid"
|
||||
remount_secure "$@"
|
||||
|
@ -189,20 +189,13 @@ _var_tmp() {
|
|||
}
|
||||
|
||||
_var_log() {
|
||||
mount_folder="/var/log"
|
||||
intended_mount_options="nosuid,nodev,noexec"
|
||||
remount_secure "$@"
|
||||
}
|
||||
|
||||
_var_log_audit() {
|
||||
mount_folder="/var/log/audit"
|
||||
mount_folder="$NEWROOT/var/log"
|
||||
intended_mount_options="nosuid,nodev,noexec"
|
||||
remount_secure "$@"
|
||||
}
|
||||
|
||||
## https://forums.whonix.org/t/re-mount-home-and-other-with-noexec-and-nosuid-among-other-useful-mount-options-for-better-security/7707/25
|
||||
_lib() {
|
||||
## TODO: NEWROOT?
|
||||
mount_folder="$NEWROOT/lib"
|
||||
## Not using noexec on /lib.
|
||||
intended_mount_options="nosuid,nodev"
|
||||
|
@ -240,10 +233,7 @@ main() {
|
|||
#_var
|
||||
|
||||
_var_tmp
|
||||
|
||||
## TODO: ?
|
||||
#_var_log
|
||||
#_var_log_audit
|
||||
_var_log
|
||||
|
||||
## TODO: broken?
|
||||
#_lib
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue