From 191ae147fdabc2226b80de067a83c54ebac7a073 Mon Sep 17 00:00:00 2001 From: inference Date: Tue, 13 Feb 2024 04:34:37 +0000 Subject: [PATCH] Set `nosuid` mount option on "/home/" There is currently no reason to allow setting the setuid bit on files located in "/home/". Only system files located on "/" require setuid bits. --- aa000-0/fstab | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/aa000-0/fstab b/aa000-0/fstab index 833de61..88e6d26 100644 --- a/aa000-0/fstab +++ b/aa000-0/fstab @@ -1,6 +1,6 @@ # Inferencium - aa000-0 # Filesystem Table -# Version: 4.0.0-alpha.31 +# Version: 4.0.0-alpha.32 # Copyright 2023 Jake Winters # SPDX-License-Identifier: BSD-3-Clause @@ -29,4 +29,4 @@ tmpfs /usr/local/src/compile/ tmpfs size=16G,uid=root,gid=root,mode=0700,noauto, # Remote filesystems ## /home/ -xa000-1:/srv/nfs/home/ /home/ nfs auto,_netdev,nfsvers=4.0,rw 0 0 +xa000-1:/srv/nfs/home/ /home/ nfs auto,_netdev,nfsvers=4.0,rw,nosuid 0 0