security-misc icon indicating copy to clipboard operation
security-misc copied to clipboard
verified publisher icon Kicksecure

Use systemd .mount files for stricter mount options and remove remount-secure

Open madaidan opened this issue 5 years ago • 2 comments

The only missing parts of this are the /tmp, /dev/shm and /run restrictions as systemd doesn't seem to like them:

dev-shm.mount: Cannot create mount unit for API file system /dev/shm

madaidan avatar Mar 07 '20 20:03 madaidan

https://forums.whonix.org/t/re-mount-home-and-other-with-noexec-and-nosuid-among-other-useful-mount-options-for-better-security/7707/42

adrelanos avatar Mar 11 '20 13:03 adrelanos

https://forums.whonix.org/t/re-mount-home-and-other-with-noexec-and-nosuid-among-other-useful-mount-options-for-better-security/7707/45

adrelanos avatar Mar 12 '20 14:03 adrelanos

Stalled.

adrelanos avatar Nov 16 '22 14:11 adrelanos