lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 13 Apr 2012 03:05:59 +0000
From: Mark Krenz <mark@...o.com>
To: Grandma Eubanks <tborland1@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Most Linux distributions don't use tmpfs nor
 encrypt swap by default

On Thu, Apr 12, 2012 at 10:53:47PM GMT, Grandma Eubanks [tborland1@...il.com] said the following:
> Fedora Core 15:
> 
> /dev/mapper/vg_youwish-lv_swap swap                    swap
> defaults        0 0
> tmpfs			/tmp			tmpfs 	defaults	0 0
> 
> Removed other options it should have, but defaults do not include
> nosuid,nodev,noexec.

 You obviously customized the install or changed it post installation as
this is not the default way it gets setup.  Below is the filesystem
setup when using all the default options (no customization):

# df -hP
Filesystem            Size  Used Avail Use% Mounted on
rootfs                5.5G  2.1G  3.4G  39% /
udev                  495M     0  495M   0% /dev
tmpfs                 502M  272K  501M   1% /dev/shm
tmpfs                 502M  612K  501M   1% /run
/dev/mapper/vg_fedora15test-lv_root  5.5G  2.1G  3.4G  39% /
tmpfs                 502M     0  502M   0% /sys/fs/cgroup
tmpfs                 502M     0  502M   0% /media
/dev/sda1             485M   30M  430M   7% /boot
/dev/mapper/vg_fedora15test-lv_root  5.5G  2.1G  3.4G  39% /tmp
/dev/mapper/vg_fedora15test-lv_root  5.5G  2.1G  3.4G  39% /var/tmp
/dev/mapper/vg_fedora15test-lv_root  5.5G  2.1G  3.4G  39% /home

Despite what the above looks like, /tmp is actually part of the root
filesystem.

Yes, of course you can change your setup post install or if you're
daring enough during the install, but that wasn't the point of the
research.


-- 
Mark S. Krenz
IT Director
Suso Technology Services, Inc.
 
Sent from Mutt using Linux

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ