diff options
author | ru <ru@FreeBSD.org> | 2004-11-29 09:56:12 +0000 |
---|---|---|
committer | ru <ru@FreeBSD.org> | 2004-11-29 09:56:12 +0000 |
commit | 4e1356aa93d8feaca102c475335dc666066d81a2 (patch) | |
tree | 357f26984484f30cdee2ea47146380e2e55e3a45 /share/man/man7/security.7 | |
parent | 36647362c7ae7dc360a692db03473b68db996bba (diff) | |
download | FreeBSD-src-4e1356aa93d8feaca102c475335dc666066d81a2.zip FreeBSD-src-4e1356aa93d8feaca102c475335dc666066d81a2.tar.gz |
MNT_NODEV is deprecated.
Diffstat (limited to 'share/man/man7/security.7')
-rw-r--r-- | share/man/man7/security.7 | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/share/man/man7/security.7 b/share/man/man7/security.7 index d44d9dd..1af2bcb 100644 --- a/share/man/man7/security.7 +++ b/share/man/man7/security.7 @@ -23,7 +23,7 @@ .\" .\" $FreeBSD$ .\" -.Dd September 18, 1999 +.Dd November 29, 2004 .Dt SECURITY 7 .Os .Sh NAME @@ -630,16 +630,14 @@ and so forth, files that might fall outside the purview of the MD5 check. If you have a huge amount of user disk space it may take too long to run through every file on those partitions. In this case, setting mount -flags to disallow SUID binaries and devices on those partitions is a good +flags to disallow SUID binaries on those partitions is a good idea. The -.Cm nodev -and .Cm nosuid -options +option (see .Xr mount 8 ) -are what you want to look into. +is what you want to look into. I would scan them anyway at least once a week, since the object of this layer is to detect a break-in whether or not the break-in is effective. |