]> git.ipfire.org Git - thirdparty/systemd.git/commit
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a02287e) | patch
units: restrict hugepages fs a bit
authorLennart Poettering <lennart@poettering.net>
Wed, 26 Apr 2023 14:55:42 +0000 (16:55 +0200)
committerYu Watanabe <watanabe.yu+github@gmail.com>
Thu, 27 Apr 2023 03:28:50 +0000 (12:28 +0900)
commite76b3d4ed2d716446f3670d40cfdcbb145cb52d7
treebee560456d5bf99f443cd52d872b1b0bbaf7dac0tree | snapshot
parenta02287eab3e883d7d2d8961e9651f5fef9a9eeaccommit | diff
units: restrict hugepages fs a bit

suid binaries and device nodes should not be placed there, hence forbid
it.

Of all the API VFS we mount from PID 1 or via a unit file this one is
the only one where we didn't add MS_NODEV/MS_NOSUID. Let's address that,
since there's really no reason why device nodes or suid binaries would
be placed in hugetlbfs.
units/dev-hugepages.mount diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.