diff options
Diffstat (limited to 'etc/disable-exec.inc')
-rw-r--r-- | etc/disable-exec.inc | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/etc/disable-exec.inc b/etc/disable-exec.inc new file mode 100644 index 000000000..c535af7d4 --- /dev/null +++ b/etc/disable-exec.inc | |||
@@ -0,0 +1,11 @@ | |||
1 | # This file is overwritten during software install. | ||
2 | # Persistent customizations should go in a .local file. | ||
3 | include disable-exec.local | ||
4 | |||
5 | noexec ${HOME} | ||
6 | noexec ${RUNUSER} | ||
7 | noexec /dev/shm | ||
8 | noexec /tmp | ||
9 | # /var/tmp is noexec by default | ||
10 | # just in case there is a keep-var-tmp option: | ||
11 | noexec /var/tmp | ||