How to Apply Security Restrictions

Create the following entry in the name service auto_master file, either NIS or NIS+:

/home     auto_home     -nosuid

The nosuid option prevents users from creating files with the setuid or setgid bit set.

This entry overrides the entry for /home in a generic local /etc/auto_master file (see the previous example) because the +auto_master reference to the external name service map occurs before the /home entry in the file. If the entries in the auto_home map include any mount options, then the nosuid option would be overwritten, so either no options should be used in the auto_home map or the nosuid option must be included with each entry.

Note -

Do not mount the home directory disk partitions on or under /home on the server.

Previous: How to Replicate Shared Files Across Several Servers
Next: Disabling Autofs Browsability