Prev Next

9.3. Mount Policy¶

The mount policy can be defined by mount options that can help you prevent unexpected usage of files. These options are listed in the table:

Option	Description
`noexec`	Forbid direct execution of any binaries on the mounted file system.
`nodev`	Do not interpret character or block special devices on the file system.
`nosuid`	Forbid the `set-user-identifier` or `set-group-identifier` bits to have effect.
`nouser`	Forbid an ordinary (non-root) user to mount the file system.

You can add these mount options to corresponding partitions in /etc/fstab. For example, the noexec option can be applied to the /tmp partition, while all of the above options can be applied to removable media mounts (CDROMs, DVDROMs, floppy drives, USB memory cards, etc.).

Version 7.5 — Nov 04, 2024

Edit Print

Prev Next