Security Handbook/Mounting partitions

provides a few security options. == Mounting partitions == When mounting an ext2, ext3, ext4, or reiserfs partition, a few security related mount options can be applied in. The options are:


 * : Ignores the SUID bit and make it just like an ordinary file.
 * : Prevents execution of files from this partition.
 * : Ignores devices.

Unfortunately, these settings can easily be circumvented by executing a non-direct path. However, setting to   will stop the majority of exploits designed to be executed directly from.

For example, a planning out file may look something like the following: