Thread: mounting within an already mounted partition

I've been reading up on mount, ever since on my security reading binge, that mounting the /tmp in fstab to have the noexec option eliminates many of the security risks from the nature of /tmp being so open.

Reading through the man pages, I haven't been able to figure out if there are any potential problems with mounting that directory to another directory with the noexec option would have any potentially harmful side effects.

How harmful can is this for /tmp?

Originally Posted by scytale

I've been reading up on mount, ever since on my security reading binge, that mounting the /tmp in fstab to have the noexec option eliminates many of the security risks from the nature of /tmp being so open.

Yup, you got correct information. There is no need to setup exec and other permission on /tmp.

Originally Posted by scytale

Reading through the man pages, I haven't been able to figure out if there are any potential problems with mounting that directory to another directory with the noexec option would have any potentially harmful side effects.

How harmful can is this for /tmp?

Modern kernel does allows to mount same partition under 2 dirs. I've not tried it but results should be unexpected. Also keeping mind that only root can mount /tmp to other location

Thanks, I'll try it on an old box and run some heavier applications, like Octave, some databases when running a dump, and anything else I find that writes to files in /tmp a lot. Maybe even something simple, like taring a very large file over SSH, or SCP.