Alexander Puchmayr wrote:
> /dev/shm is a volatile memory, which does not survive a reboot; hence it is
> a preferred location for some hackers to place their evil code there and get
> rid of evidence when an admin reboots the machine from a secure media
> (e.g. a knoppix-cd) to perform further analysis.
>
> My suggestion to prevent such attacks is to change the mount permissions
> of /dev/shm per default. I can't imagine any reason why anyone should place
> a temporary executable there and start from there, except when doing
> something evil.
>
> So, please consider changing the defaults in /etc/fstab in
>
> none /dev/shm tmpfs noexec,rw 0 0

Created bug 90980. Next time, please use bugzilla directly to submit ideas to improve default configurations.

https://bugs.gentoo.org/show_bug.cgi?id=90980

-- 
Thierry Carrez (Koon)
Gentoo Linux Security
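
Added example, not part of the original thread: a shell check an administrator can use to confirm whether /dev/shm carries the noexec option proposed above, both in /etc/fstab and in the running system's /proc/mounts. The function name mount_exec_status and the sample entries are assumptions made for illustration.

```shell
#!/bin/sh
# mount_exec_status FILE [MOUNTPOINT]   (hypothetical helper name)
# FILE is in fstab format; /etc/fstab and /proc/mounts share the first four
# fields (device, mount point, type, options). Use "-" to read stdin.
# Prints one of:
#   noexec  the entry lists noexec
#   exec    the entry exists but does not end up noexec
#   absent  no entry for the mount point
mount_exec_status() {
    awk -v mp="${2:-/dev/shm}" '
        /^[ \t]*#/ || NF < 4 { next }      # skip comments and short lines
        $2 == mp {
            status = "exec"                # reset for every matching entry
            n = split($4, opts, ",")
            for (i = 1; i <= n; i++) {     # a later exec/noexec overrides an earlier one
                if (opts[i] == "noexec") status = "noexec"
                if (opts[i] == "exec")   status = "exec"
            }
            # no early exit: in /proc/mounts the last entry is the mount on top
        }
        END { print (status == "" ? "absent" : status) }
    ' "$1"
}

# Constructed sample entries: one without noexec, and the line proposed in the thread.
echo 'none /dev/shm tmpfs defaults 0 0'  | mount_exec_status -
echo 'none /dev/shm tmpfs noexec,rw 0 0' | mount_exec_status -

# Configured and live state of this machine, where the files are readable.
for f in /etc/fstab /proc/mounts; do
    if [ -r "$f" ]; then
        echo "$f: /dev/shm is $(mount_exec_status "$f")"
    fi
done
```

A result of "absent" for /etc/fstab alongside "exec" for /proc/mounts means the mount is set up outside fstab, so the option has to be changed wherever that mount is defined.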
