Upcoming security enhancements include mounting key directories with secure options and restricting compiler and interpreter access by default.

Upcoming Security Enhancements[edit] Copy or share this direct link! https://www.kicksecure.com/wiki/Noexec#Upcoming_Security_Enhancements Click below ↴ = Copy to Clipboard [[Noexec#Upcoming_Security_Enhancements|Upcoming Security Enhancements]]
Copy as Wikitext [Upcoming Security Enhancements](https://www.kicksecure.com/wiki/Noexec#Upcoming_Security_Enhancements)
for Discourse, reddit, GitHub [Upcoming Security Enhancements](https://www.kicksecure.com/wiki/Noexec#Upcoming_Security_Enhancements)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Noexec#Upcoming_Security_Enhancements]Upcoming Security Enhancements[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

Mounting Directories Securely[edit] Copy or share this direct link! https://www.kicksecure.com/wiki/Noexec#Mounting_Directories_Securely Click below ↴ = Copy to Clipboard [[Noexec#Mounting_Directories_Securely|Mounting Directories Securely]]
Copy as Wikitext [Mounting Directories Securely](https://www.kicksecure.com/wiki/Noexec#Mounting_Directories_Securely)
for Discourse, reddit, GitHub [Mounting Directories Securely](https://www.kicksecure.com/wiki/Noexec#Mounting_Directories_Securely)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Noexec#Mounting_Directories_Securely]Mounting Directories Securely[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

We are preparing to enhance system security by mounting important directories, such as /home/user, with the following options by default:

noexec
nodev
nosuid

These options are designed to prevent the execution of binaries and scripts within these directories, reducing the risk of unauthorized or malicious code execution.

Restricting Compiler and Interpreter Access[edit] Copy or share this direct link! https://www.kicksecure.com/wiki/Noexec#Restricting_Compiler_and_Interpreter_Access Click below ↴ = Copy to Clipboard [[Noexec#Restricting_Compiler_and_Interpreter_Access|Restricting Compiler and Interpreter Access]]
Copy as Wikitext [Restricting Compiler and Interpreter Access](https://www.kicksecure.com/wiki/Noexec#Restricting_Compiler_and_Interpreter_Access)
for Discourse, reddit, GitHub [Restricting Compiler and Interpreter Access](https://www.kicksecure.com/wiki/Noexec#Restricting_Compiler_and_Interpreter_Access)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Noexec#Restricting_Compiler_and_Interpreter_Access]Restricting Compiler and Interpreter Access[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

Access to compilers and interpreters will also be restricted to minimize the risk of malicious code compilation and execution. These restrictions are part of our proactive approach to security.

Impact on Users and Workflows[edit] Copy or share this direct link! https://www.kicksecure.com/wiki/Noexec#Impact_on_Users_and_Workflows Click below ↴ = Copy to Clipboard [[Noexec#Impact_on_Users_and_Workflows|Impact on Users and Workflows]]
Copy as Wikitext [Impact on Users and Workflows](https://www.kicksecure.com/wiki/Noexec#Impact_on_Users_and_Workflows)
for Discourse, reddit, GitHub [Impact on Users and Workflows](https://www.kicksecure.com/wiki/Noexec#Impact_on_Users_and_Workflows)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Noexec#Impact_on_Users_and_Workflows]Impact on Users and Workflows[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

While these measures will provide greater security, they may affect advanced users who rely on script execution in their home directories. We understand the potential for disruption and of course will provide options to opt-out.

Opting Out[edit] Copy or share this direct link! https://www.kicksecure.com/wiki/Noexec#Opting_Out Click below ↴ = Copy to Clipboard [[Noexec#Opting_Out|Opting Out]]
Copy as Wikitext [Opting Out](https://www.kicksecure.com/wiki/Noexec#Opting_Out)
for Discourse, reddit, GitHub [Opting Out](https://www.kicksecure.com/wiki/Noexec#Opting_Out)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Noexec#Opting_Out]Opting Out[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

Instructions for users who prefer to opt out of these settings will be provided. Detailed documentation will be available on our wiki well before these changes are implemented. Should there be sufficient demand, we may also offer packages or scripts to simplify the opt-out process.

Integration with Security Initiatives[edit] Copy or share this direct link! https://www.kicksecure.com/wiki/Noexec#Integration_with_Security_Initiatives Click below ↴ = Copy to Clipboard [[Noexec#Integration_with_Security_Initiatives|Integration with Security Initiatives]]
Copy as Wikitext [Integration with Security Initiatives](https://www.kicksecure.com/wiki/Noexec#Integration_with_Security_Initiatives)
for Discourse, reddit, GitHub [Integration with Security Initiatives](https://www.kicksecure.com/wiki/Noexec#Integration_with_Security_Initiatives)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Noexec#Integration_with_Security_Initiatives]Integration with Security Initiatives[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

These security improvements are integral to our broader security strategy, including:

The goal is to fortify Linux user accounts against malware, making it difficult for a compromised account to affect others or to escape the virtual machine (VM) environment.

Commitment to User Freedom[edit] Copy or share this direct link! https://www.kicksecure.com/wiki/Noexec#Commitment_to_User_Freedom Click below ↴ = Copy to Clipboard [[Noexec#Commitment_to_User_Freedom|Commitment to User Freedom]]
Copy as Wikitext [Commitment to User Freedom](https://www.kicksecure.com/wiki/Noexec#Commitment_to_User_Freedom)
for Discourse, reddit, GitHub [Commitment to User Freedom](https://www.kicksecure.com/wiki/Noexec#Commitment_to_User_Freedom)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Noexec#Commitment_to_User_Freedom]Commitment to User Freedom[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

Our commitment to No Intentional User Freedom Restrictions remains firm. Users retain the freedom to configure their systems as they see fit, in line with our core principles.

Additional Resources[edit] Copy or share this direct link! https://www.kicksecure.com/wiki/Noexec#Additional_Resources Click below ↴ = Copy to Clipboard [[Noexec#Additional_Resources|Additional Resources]]
Copy as Wikitext [Additional Resources](https://www.kicksecure.com/wiki/Noexec#Additional_Resources)
for Discourse, reddit, GitHub [Additional Resources](https://www.kicksecure.com/wiki/Noexec#Additional_Resources)
Copy as Markdown [url=https://www.kicksecure.com/wiki/Noexec#Additional_Resources]Additional Resources[/url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

For further details on these security measures and discussions around them, refer to:

url]
Copy as phpBB Click below ↴ = Open social URL with share data We don't use embedded scripts This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also Social Share Button.

Kicksecure is an Implementation of the Securing Debian Manual. This chapter has been inspired by: Securing Debian Manual, chapter Mounting partitions the right way

Kicksecure is an Implementation of the Securing Debian Manual. This chapter has been inspired by: Securing Debian Manual, chapter Setting /tmp noexec

Kicksecure

A secure by default operating system with the latest security research in place.

Dark mode

Supported by Power Up Privacy

Kicksecure is proudly supported until 2025 by Power Up Privacy, a privacy advocacy group that seeks to supercharge privacy projects with resources so they can complete their mission of making our world a better place. (Strictly subject to our sponsorship policy.)

At Kicksecure we value freedom and trust, supporting Open Source and Freedom Software

By using this website, you acknowledge you have read, understood, and agree to be bound by these agreements: Terms of Service, Privacy Policy, Cookie Policy, E-Sign Consent, DMCA, Imprint

2012- 2025 ENCRYPTED SUPPORT LLC

Your support makes
all the difference!

We believe security software like Kicksecure needs to remain Open Source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!

Enhanced Security via Mount Options and Compiler Restrictions

Contents

Navigation menu

Enhanced Security via Mount Options and Compiler Restrictions

Navigation menu

Search

Disable server cache for this browser

Debug vis URL