X-Git-Url: https://gerrit.automotivelinux.org/gerrit/gitweb?a=blobdiff_plain;f=docs%2F2_Architecture_Guides%2F2.2_Security_Blueprint%2F4_Kernel%2F1.2.4.5_FileSystems.md;h=14f8c53bdf7092ad00f0ff9cc9469b5ba744a5ac;hb=da6cd0b6c26ca9a3760d8a89ce68baf83eeaa1b1;hp=0d60d9d3f87320b259642ce74e72118bc4b1e34b;hpb=e76766d79c3063b873b75bd2080c654f3f6d71ba;p=AGL%2Fdocumentation.git

diff --git a/docs/2_Architecture_Guides/2.2_Security_Blueprint/4_Kernel/1.2.4.5_FileSystems.md b/docs/2_Architecture_Guides/2.2_Security_Blueprint/4_Kernel/1.2.4.5_FileSystems.md
index 0d60d9d..14f8c53 100644
--- a/docs/2_Architecture_Guides/2.2_Security_Blueprint/4_Kernel/1.2.4.5_FileSystems.md
+++ b/docs/2_Architecture_Guides/2.2_Security_Blueprint/4_Kernel/1.2.4.5_FileSystems.md
@@ -1,21 +1,19 @@
 ---
-edit_link: ''
 title: File Systems
-origin_url: >-
-  https://raw.githubusercontent.com/automotive-grade-linux/docs-sources/master/docs/security-blueprint/part-4/5-FileSystems.md
 ---
 
-<!-- WARNING: This file is generated by fetch_docs.js using /home/boron/Documents/AGL/docs-webtemplate/site/_data/tocs/architecture/master/security_blueprint-security-blueprint-book.yml -->
-
 # File System
 
 ## Disable all file systems not needed
 
-To reduce the attack surface, file system data is parsed by the kernel, so any logic bugs in file system drivers can become kernel exploits.
+To reduce the attack surface, file system data is parsed by the kernel, so any
+logic bugs in file system drivers can become kernel exploits.
 
 ### Disable NFS file system
 
-NFS FileSystems are useful during development phases, but this can be a very helpful way for an attacker to get files when you are in production mode, so we must disable them.
+NFS FileSystems are useful during development phases, but this can be a very
+helpful way for an attacker to get files when you are in production mode, so we
+must disable them.
 
 <!-- section-config -->
 
@@ -32,9 +30,11 @@ Kernel-FileSystems-NFS-2 | `CONFIG_NFS_FS` | `n`
 
 ## Partition Mount Options
 
-There are several security restrictions that can be set on a filesystem when it is mounted. Some common security options include, but are not limited to:
+There are several security restrictions that can be set on a filesystem when it
+is mounted. Some common security options include, but are not limited to:
 
-`nosuid` - Do not allow set-user-identifier or set-group-identifier bits to take effect.
+`nosuid` - Do not allow set-user-identifier or set-group-identifier bits to take
+effect.
 
 `nodev` - Do not interpret character or block special devices on the filesystem.
 
@@ -58,7 +58,9 @@ Kernel-FileSystems-Mount-7 | `/dev`              | Add `nosuid` and `noexec`.
 
 <!-- end-section-config --> <!-- section-note -->
 
-If `CONFIG_DEVTMPFS_MOUNT` is set, then the kernel will mount /dev and will not apply the `nosuid`, `noexec` options. Either disable `CONFIG_DEVTMPFS_MOUNT` or add a remount with `noexec` and `nosuid` options to system startup.
+If `CONFIG_DEVTMPFS_MOUNT` is set, then the kernel will mount /dev and will not
+apply the `nosuid`, `noexec` options. Either disable `CONFIG_DEVTMPFS_MOUNT` or
+add a remount with `noexec` and `nosuid` options to system startup.
 
 <!-- end-section-note --> <!-- section-config -->