Kicksecure ™

Download

On Computer USB Installation Debian morph to Kicksecure Windows (VM) Linux (VM) Mac (VM) VirtualBox (VM) KVM (VM) Qubes (VM) More options Source Code

About

Overview Features Why Open Source? Project Activities Contributors Mission & Vision

Docs

Documentation FAQ Troubleshooting

Community

Forums Forum Best Practices Contribute

Support

Self Support First Policy Search Engines, Docs and AI Support (Limited) Reporting Bugs Contact (Restricted)

Tools Upload file Special pages Recent changes Print VersionDebug Helper Page meta What links here Related changes Page information

Page Read Edit History Move Protection Unwatch Watch Delete Purge

User Preferences Watchlist Contributions Logout Create account Login

Donate

Secure Mount Options for better Security Hardening

It is planned to mount the user's /home/user folder with noexec by default.

This is part of:

• the Kicksecure Security Roadmap,
• the Strong Linux User Account Isolation design,
• also related to SUID Disabler and Permission Hardener.

This will supplemented this at a later time:

• lock down interpreters / compilers (interpreter lock) (compiler lock)
• Multiple Boot Modes for Better Security: an Implementation of Untrusted Root

The goal of all of this is that it becomes harder for a Linux user account that might have been compromised by malware to compromise other Linux user accounts or VM escape. This will because malware running under a non-root user won't have access to create and run new binaries, use compilers or code interpreters as well as having less access to SUID / SGID enabled binaries.

The policy of No Intentional User Freedom Restrictions remains in place as always.

Related Copy or share this direct link! Click = Copy Copied to clipboard! https://www.kicksecure.com/wiki/Noexec?direction=next&oldid=78569#Related Click below ↴ = Copy to Clipboard Click = Copy Copied to clipboard! [[Noexec#Related|Related]]
Copy as Wikitext Click = Copy Copied to clipboard! [Related](https://www.kicksecure.com/wiki/Noexec?direction=next&oldid=78569#Related)
for Discourse, reddit, GitHub Click = Copy Copied to clipboard! [Related](https://www.kicksecure.com/wiki/Noexec?direction=next&oldid=78569#Related)
Copy as Markdown Click = Copy Copied to clipboard! [url=https://www.kicksecure.com/wiki/Noexec?direction=next&oldid=78569#Related]Related[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

• Dev/remount-secure
• https://forums.whonix.org/t/re-mount-home-and-other-with-noexec-and-nosuid-among-other-useful-mount-options-for-better-security/7707

Footnotes Copy or share this direct link! Click = Copy Copied to clipboard! https://www.kicksecure.com/wiki/Noexec?direction=next&oldid=78569#Footnotes Click below ↴ = Copy to Clipboard Click = Copy Copied to clipboard! [[Noexec#Footnotes|Footnotes]]
Copy as Wikitext Click = Copy Copied to clipboard! [Footnotes](https://www.kicksecure.com/wiki/Noexec?direction=next&oldid=78569#Footnotes)
for Discourse, reddit, GitHub Click = Copy Copied to clipboard! [Footnotes](https://www.kicksecure.com/wiki/Noexec?direction=next&oldid=78569#Footnotes)
Copy as Markdown Click = Copy Copied to clipboard! [url=https://www.kicksecure.com/wiki/Noexec?direction=next&oldid=78569#Footnotes]Footnotes[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

Kicksecure A secure by default operating system with the latest security research in place. Copy or share this direct link! Click = Copy Copied to clipboard! https://www.kicksecure.com/wiki/Noexec?direction=next&oldid=78569 Click below ↴ = Copy to Clipboard Click = Copy Copied to clipboard! [[Noexec|Enhanced Security via Mount Options and Compiler Restrictions]]
Copy as Wikitext Click = Copy Copied to clipboard! [Enhanced Security via Mount Options and Compiler Restrictions](https://www.kicksecure.com/wiki/Noexec?direction=next&oldid=78569)
for Discourse, reddit, GitHub Click = Copy Copied to clipboard! [Enhanced Security via Mount Options and Compiler Restrictions](https://www.kicksecure.com/wiki/Noexec?direction=next&oldid=78569)
Copy as Markdown Click = Copy Copied to clipboard! [url=https://www.kicksecure.com/wiki/Noexec?direction=next&oldid=78569]Enhanced Security via Mount Options and Compiler Restrictions[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

Dark mode

Follow us on social media

Supported by Power Up Privacy

Kicksecure is proudly supported until 2025 by Power Up Privacy, a privacy advocacy group that seeks to supercharge privacy projects with resources so they can complete their mission of making our world a better place. (Strictly subject to our sponsorship policy.)

At Kicksecure we value freedom and trust, supporting Open Source and Freedom Software

By using this website, you acknowledge you have read, understood, and agree to be bound by these agreements: Terms of Service, Privacy Policy, Cookie Policy, E-Sign Consent, DMCA, Imprint 2012- 2025 ENCRYPTED SUPPORT LLC

Your support makes
all the difference!

We believe security software like Kicksecure needs to remain Open Source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!