FreeBSD 4.x: Safe to unmount the proc filesystem??
Posted on 2001-09-03
This question relates to patching a security hole in FREEBSD 4.1 as advised in the advisory below.
My question is:
Is it safe to unmount the proc filesystem on a production server ?
Can this be used as a permanent workaround ?
procfs vulnerability leaks set[ug]id process memory
To work around the problem, perform the following steps as root:
Unmount all instances of the procfs and linprocfs filesystems using
the unmount(8) command:
# umount -f -a -t procfs
# umount -f -a -t linprocfs
Disable the automatic mounting of all instances of procfs in /etc/fstab:
remove or comment out the line(s) of the following form:
proc /proc procfs rw 0 0
proc /compat/linux/proc linprocfs rw 0 0