[Bug 1791241] [NEW] If /var/tmp is mounted with noexec the scripts skip the copy of some files
Aurryon
social at staraurryon.com
Fri Sep 7 07:17:51 UTC 2018
Public bug reported:
Hello,
Hardening guides (Securing Debian, CIS, etc...) advise to mount /dev/tmp
with the noexec option. Initramfs hooks are using the /usr/bin/test
utility to check if a file is executable to manage dependencies (if [!
-x /myfile]; then) and copy new files. Therefore, if /dev/tmp is mounted
with noexec, the test utility return false instead of true which breaks
the logic.
How should we handle this case? Is ubuntu officially supporting
hardening (I think so as Debian is doing it)?
Regards,
Aurryon
** Affects: cryptsetup (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1791241
Title:
If /var/tmp is mounted with noexec the scripts skip the copy of some
files
Status in cryptsetup package in Ubuntu:
New
Bug description:
Hello,
Hardening guides (Securing Debian, CIS, etc...) advise to mount
/dev/tmp with the noexec option. Initramfs hooks are using the
/usr/bin/test utility to check if a file is executable to manage
dependencies (if [! -x /myfile]; then) and copy new files. Therefore,
if /dev/tmp is mounted with noexec, the test utility return false
instead of true which breaks the logic.
How should we handle this case? Is ubuntu officially supporting
hardening (I think so as Debian is doing it)?
Regards,
Aurryon
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1791241/+subscriptions
More information about the foundations-bugs
mailing list