From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jarkko Sakkinen Date: Fri, 11 Dec 2020 10:40:50 +0000 Subject: Re: Antw: [EXT] Re: [systemd-devel] Creating executable device nodes in /dev? Message-Id: <20201211104050.GC12091@kernel.org> List-Id: References: <0f17eade-5e99-be29-fd09-2d0a1949ac7f@gmail.com> <9DF5C88B-5156-455A-BA3F-EB19CAA0411B@amacapital.net> <20201209001521.GA64007@kernel.org> <5FD083BC020000A10003D6A0@gwsmtp.uni-regensburg.de> In-Reply-To: <5FD083BC020000A10003D6A0@gwsmtp.uni-regensburg.de> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: Ulrich Windl Cc: "systemd-devel@lists.freedesktop.org" , linux-hotplug@vger.kernel.org, linux-sgx@vger.kernel.org On Wed, Dec 09, 2020 at 08:58:52AM +0100, Ulrich Windl wrote: > >>> Jarkko Sakkinen schrieb am 09.12.2020 um 01:15 in Nachricht > <20201209001521.GA64007@kernel.org>: > > ... > > > > What's the data that supports having noexec /dev anyway? With root > > access I can then just use something else like /dev/shm mount. > > > > Has there been out in the wild real world cases that noexec mount > > of would have prevented? > > > > For me this sounds a lot just something that "feels more secure" > > without any measurable benefit. Can you prove me wrong? > > I think the better question is: Why not allow it? I.e.: Why do you want to forbid it? > > Event though I wouldn't like it myself, I could even think of noexec /tmp. On an instance of an OS you should limit whatever is appropriate for your use case. The debate is about sane defaults. My argument is essentially that noexec /dev is not a sane default. For anyone to who this makes sense, does such thing anyway. For others, noexec /dev is only artificially useful. > Regards, > Ulrich /Jarkko