On Thu, Sep 07, 2006 at 04:36:40PM +0200, Petter Reinholdtsen wrote:
> This is not supposed to work. The /dev/shm file system is to be only
> used by the shm functions in glibc, as all other use would pollute the
> name space for shared memory segments. I discovered misuse of
> /dev/shm/ in checkroot.sh, and am currently trying to rewrite it to
> stay away from /dev/shm/.
Well, then probably have a look at ifupdown and resolvconf too :)
> It might not be uncommon, but it has never been supported, is against
> the expressed purpose of /dev/shm/, and I will not add noexec back to
> support it.
Okay, I will fix this locally then.
> Yes, I am aware of the /dev/pts/ issue, but I have not tested the
> effect of restricting it, so I have left it behind. I take it from
> your report that you have verified that it is ok to mount /dev/pts/
> nosuid,noexec? If that is the case, I will add those flags to the
Yes, it is okay. Well, at least I did not experience any problems with
it. And problems are also very unlikely to happen, since /dev/pts
contains *only* device nodes, which should never be executed, neither
normally nor suid :)
Mario
--
But after a while I learned the trick of speaking fast. You don't have
to think any faster; just use twice as many words to say everything.
-- Paul Graham
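The two checks behind the /dev/pts point in the message above, as an added example that is not part of the original thread: whether a mount point carries nosuid,noexec, and whether a directory holds anything other than character device nodes. The function names (`sample_mounts`, `missing_opts`, `non_device_entries`) are hypothetical and the mount table lines are constructed samples.

```shell
#!/bin/sh
# Added example; the mount table lines below are constructed samples.

# sample_mounts weak|hardened: print a constructed /proc/mounts excerpt.
sample_mounts() {
    if [ "$1" = hardened ]; then
        echo 'devpts /dev/pts devpts rw,nosuid,noexec,gid=5,mode=620 0 0'
    else
        echo 'devpts /dev/pts devpts rw,gid=5,mode=620 0 0'
    fi
    echo 'proc /proc proc rw 0 0'
}

# missing_opts MOUNTS_FILE MOUNTPOINT OPT[,OPT...]
# Prints the required options absent from the last entry for MOUNTPOINT
# (the most recent mount on a path is the one in effect), or "unmounted".
missing_opts() {
    opts=$(awk -v mp="$2" '$2 == mp { o = $4 } END { print o }' "$1")
    if [ -z "$opts" ]; then echo unmounted; return 0; fi
    missing=
    old_ifs=$IFS; IFS=,
    for want in $3; do
        case ",$opts," in
            *",$want,"*) ;;                          # option present
            *) missing="${missing:+$missing }$want" ;;
        esac
    done
    IFS=$old_ifs
    echo "$missing"
}

# non_device_entries DIR: list anything under DIR that is not a character
# device, i.e. anything that noexec or nosuid could actually affect.
non_device_entries() {
    find "$1" -mindepth 1 ! -type c
}

# Demo on the constructed tables: the weak one lacks both options.
for kind in weak hardened; do
    tmp=$(mktemp)
    sample_mounts "$kind" > "$tmp"
    echo "$kind: missing on /dev/pts: [$(missing_opts "$tmp" /dev/pts nosuid,noexec)]"
    rm -f "$tmp"
done
```

On a live system, pass `/proc/mounts` and `/dev/pts` instead of the temporary files.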

