From: Brent Bailey (mrb@bmyster.com)
Date: Wed Feb 18 2004 - 14:13:36 EST
I wanted to thank those who replied to my post .
QUESTION was ---
I have a freshly installed Solaris 9 system. Im in the middle of hardening
the system. (it will be a server at some point )
anywho one of the things a read on hardening is to set in /etc/vsftab
under mount options:
mount / with options "remount,nosuid"
ANSWER was ---
No. Whoever said to do that for Solaris is incorrect. All the devices
are in the root filesystem. On Solaris, nosuid is equivalent to nodev.
You'll stop all your devices from working.
(in the man page)
suid | nosuid
Allow or disallow setuid/setgid execution.
The default is suid. This option also
allows/disallows opening any device-special
entries that appear within the filesystem.
Boot -s, and hopefully you can modify the mount options.
If not, boot from cdrom or network, mount the root filesystem, change
the mount option.
-- Brent Bailey CCNA _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:28:05 EDT