Add nodev Option to /home
Details When set on a file system, this option prevents character and block special devices from being defined, or if...
- Home
- Security Hardening
- CIS Ubuntu 12.04 LTS Benchmark L1 V1.1.0
CIS Ubuntu 12.04 LTS Benchmark L1 V1.1.0
Add nodev Option to Removable Media Partitions
Details Set nodev on removable media to prevent character and block special devices that are present on the removable media...Add nodev Option to /run/shm Partition
Details The nodev mount option specifies that the /run/shm (temporary filesystem stored in memory) cannot contain block or character special...Add noexec Option to Removable Media Partitions
Details Set noexec on removable media to prevent programs from executing from the removable media. *Rationale* Setting this option on...Add noexec Option to /run/shm Partition
Details Set noexec on the shared memory partition to prevent programs from executing from there. *Rationale* Setting this option on...Add nosuid Option to Removable Media Partitions
Details Set nosuid on removable media to prevent setuid and setgid executable files that are on that media from being...Add nosuid Option to /run/shm Partition
Details The nosuid mount option specifies that the /run/shm (temporary filesystem stored in memory) will not execute setuid and setgid...Bind Mount the /var/tmp directory to /tmp
Details The /var/tmp directory is normally a standalone directory in the /var file system. Binding /var/tmp to /tmp establishes an...Create Separate Partition for /home
Details The /home directory is used to support disk storage needs of local users. *Rationale* If the system is intended...Create Separate Partition for /tmp
Details The /tmp directory is a world-writable directory used for temporary storage by all users and some applications. *Rationale* Since...