Is it safe to use external bind mount for /tmp [message #39467] |
Wed, 28 April 2010 19:11 |
Dexus
Messages: 3 Registered: April 2010
|
Junior Member |
|
|
I would like to use bind mount to mount external partitions for /tmp folders in the containers. That would be used in production environment for shared hosting so /tmp dir could contain who knows what...
Is it secure to use external bind mounts for /tmp folder.
I tested it and it works fine, mounted as noexec, also it is a good thing that you can use a separate drive for container /tmp to shift some IO load to different drive, and every container could have a separate /tmp partition, but my only concern is security with this external /tmp bind mounts.
Instead of partitions I would probably use loop devices, but that doesn't make a difference...
I think this should be totally safe, but I would like to hear your thoughts...
|
|
|