From 17aaad5d968e8486dc83cd65cddb1cc1a7ff5211 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Peter=20M=C3=BCller?= Date: Sat, 11 Jun 2022 06:47:49 +0000 Subject: [PATCH] flash-images: Harden mount options of /boot MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Peter Müller Reviewed-by: Michael Tremer --- lfs/flash-images | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lfs/flash-images b/lfs/flash-images index 3cf81fb6dd..8a033c310c 100644 --- a/lfs/flash-images +++ b/lfs/flash-images @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2021 IPFire Team # +# Copyright (C) 2007-2022 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -167,7 +167,7 @@ endif # Create /etc/fstab printf "$(FSTAB_FMT)" "$$(blkid -o value -s UUID $(PART_BOOT))" "/boot" \ - "auto" "defaults" 1 2 > $(MNThdd)/etc/fstab + "auto" "defaults,nodev,noexec,nosuid" 1 2 > $(MNThdd)/etc/fstab ifeq "$(EFI)" "1" printf "$(FSTAB_FMT)" "$$(blkid -o value -s UUID $(PART_EFI))" "/boot/efi" \ "auto" "defaults" 1 2 >> $(MNThdd)/etc/fstab -- 2.39.5