diff options
| author | Lennart Poettering <lennart@poettering.net> | 2018-03-02 12:55:24 +0100 |
|---|---|---|
| committer | Sven Eden <yamakuzure@gmx.net> | 2018-05-30 07:59:11 +0200 |
| commit | 5444dd98c769e3597681ae10c7f65a999f84eff5 (patch) | |
| tree | 900f939fa7d3047be5d9dce424ce6a180c2795fb /src/core | |
| parent | a73ff5e5b4372cd8e9e97ee875c9fd48a69fb84b (diff) | |
mount-setup: change bpf mount mode to 0700 (#8334)
After discussing with the kernel folks, we agreed to default to 0700 for
this. Better safe than sorry.
Diffstat (limited to 'src/core')
| -rw-r--r-- | src/core/mount-setup.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c index 7786e22ca..8fb0a1dea 100644 --- a/src/core/mount-setup.c +++ b/src/core/mount-setup.c @@ -124,7 +124,7 @@ static const MountPoint mount_table[] = { { "efivarfs", "/sys/firmware/efi/efivars", "efivarfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, is_efi_boot, MNT_NONE }, #endif - { "bpf", "/sys/fs/bpf", "bpf", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, + { "bpf", "/sys/fs/bpf", "bpf", "mode=700", MS_NOSUID|MS_NOEXEC|MS_NODEV, NULL, MNT_NONE, }, #else { "cgroup", "/sys/fs/cgroup/elogind", "cgroup", "none,name=elogind,release_agent="SYSTEMD_CGROUP_AGENT_PATH",xattr", MS_NOSUID|MS_NOEXEC|MS_NODEV, |