Explanation of nodev and nosuid in fstab
Posted
by
Ivan Kovacevic
on Server Fault
See other posts from Server Fault
or by Ivan Kovacevic
Published on 2013-10-19T15:45:34Z
Indexed on
2013/10/19
15:57 UTC
Read the original article
Hit count: 240
I see those two options constantly suggested on the web when someone describes how to mount a tmpfs or ramfs. Often also with noexec but I'm specifically interested in nodev and nosuid. I basically hate just blindly repeating what somebody suggested, without real understanding. And since I only see copy/paste instructions on the net regarding this, I ask here.
This is from documentation:
nodev - Don't interpret block special devices on the filesystem.
nosuid - Block the operation of suid, and sgid bits.
But I would like a practical explanation what could happen if I leave those two out. Let's say that I have configured tmpfs or ramfs(without these two mentioned options set) that is accessible(read+write) by a specific (non-root)user on the system. What can that user do to harm the system? Excluding the case of consuming all available system memory in case of ramfs
© Server Fault or respective owner