HPE Community
Operating System - HP-UX
1825769 Members
2016 Online
109687 Solutions
New Discussion

Re: How to Mount a UX F/Sys with nodev,noexec,nosuid

 
Declan Mc Kay
Occasional Advisor

‎04-15-2003 03:51 AM

‎04-15-2003 03:51 AM

How to Mount a UX F/Sys with nodev,noexec,nosuid

Hi, I like to mount my /home & /tmp file systems with options nodev,noexec,nosuid. We do this on our Free BSD-Servers, however I can't see a way to do this in HP-UX11i. We have a security policy for mounting /home & /tmp with these options. Man on mount Cmd on a Free-BSD machine is as follows which explains these options:
nodev Do not interpret character or block special devices on
the file system. This option is useful for a server that
has file systems containing special devices for architec-
tures other than its own.

noexec Do not allow execution of any binaries on the mounted
file system. This option is useful for a server that has
file systems containing binaries for architectures other
than its own.

nosuid Do not allow set-user-identifier or set-group-identifier
bits to take effect. Note: this option is worthless if a
public available suid or sgid wrapper like suidperl(1) is
installed on your system.
0 Kudos
Reply
4 REPLIES 4
steven Burgess_2
Honored Contributor

‎04-15-2003 03:55 AM

‎04-15-2003 03:55 AM

Re: How to Mount a UX F/Sys with nodev,noexec,nosuid

Hi

Just specify the mount options in /etc/fstab

Should do it for you

HTH

Steve
take your time and think things through
0 Kudos
Reply
Tore_1
Regular Advisor

‎04-15-2003 04:02 AM

‎04-15-2003 04:02 AM

Re: How to Mount a UX F/Sys with nodev,noexec,nosuid

Can't find any support for noexec and nodev. You can however specify nosuid (see man mount_vxfs under special options.)
0 Kudos
Reply
Pete Randall
Outstanding Contributor

‎04-15-2003 04:02 AM

‎04-15-2003 04:02 AM

Re: How to Mount a UX F/Sys with nodev,noexec,nosuid

Searching the man pages for mount_vxfs and mount_hfs reveals that nosuid is available but I see neither the nodev option, nor the noexec option. It doesn't look like this is possible in HP-UX.


Pete

Pete
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

‎04-15-2003 04:04 AM

‎04-15-2003 04:04 AM

Re: How to Mount a UX F/Sys with nodev,noexec,nosuid

Hi:

I don't believe the options 'nodev' and 'noexec' are valid in HP-UX.

The specification of 'suid|nosuid' looks like this in 'etc/fstab':

# /dev/vg02/lvol1 /myfs vxfs rw,nosuid,delaylog,datainlog 0 2

See the various man pages for 'mount' for more options.

Regards!

...JRF...
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.