What are the effects of changing mount options with nodev,noexec,nosuid on /tmp and /dev/shm?

Solution Verified - Updated -

Issue

For any organisation conducting a security audit. Some audits might recommend
the following changes in fstab.

How evident are these changes to affect an ongoing production system?

Recommended Corrective Control: "Restrict the actions that can be performed
on partitions via the /etc/fstab as follows:

• Add nodev, nosuid and noexec option to /dev/shm
• Add nodev, nosuid, and noexec option to /tmp

Environment

Red Hat Enterprise Linux - 5.6
device-mapper-multipath - 0.4.7-17

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.