January 2018
Intermediate to advanced
376 pages
8h 45m
English
Content preview from Mastering Linux Security and Hardening
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Preventing SUID and SGID usage on a partition
As we said before, you don't want users to assign SUID and SGID to files that they create, because of the security risk that it presents. You can prevent SUID and SGID usage on a partition by mounting it with the nosuid option. So, the /etc/fstab file entry for the luks partition that I created in the previous chapter would look like this:
/dev/mapper/luks-6cbdce17-48d4-41a1-8f8e-793c0fa7c389 /secrets xfs nosuid 0 0
Different Linux distributions have different ways of setting up default partition schemes during an operating system installation. Mostly, the default way of doing business is to have all directories, except for the /boot directory, under the / partition. If you were to set up a custom ...