nosuid on mounts

Bill Tangren bjt at aa.usno.navy.mil
Tue Sep 19 20:53:24 UTC 2006


I am required to remove the suid bit on several mounted filesystems. I'd like to 
know what y'all think will happen if I do that.

The file systems are:

none on /sys type sysfs (rw)
usbfs on /proc/bus/usb type usbfs (rw)
/dev/sda1 on /boot type ext3 (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)


/sys and /dev/sda1 are found in /etc/fstab. I need to change

LABEL=/boot /boot ext3    defaults        1 2
none        /sys  sysfs   defaults        0 0

to

LABEL=/boot /boot ext3    rw,nosuid,dev,exec,auto,nouser,async        1 2
none        /sys  sysfs   rw,nosuid,dev,exec,auto,nouser,async        0 0

I think binfmt_misc is mounted from /etc/rc.sysinit. I *think* I'd need to change

/bin/mount -t binfmt_misc none /proc/sys/fs/binfmt_misc > /dev/null 2>&1

to

/bin/mount -t binfmt_misc -o noexec none /proc/sys/fs/binfmt_misc > /dev/null 2>&1

The rpc_pipefs is in /etc/modprobe.conf.dist and the mount line is:

install sunrpc /sbin/modprobe --first-time --ignore-install sunrpc && { /bin/mount -t rpc_pipefs sunrpc /var/lib/nfs/rpc_pipefs > /dev/null 2>&1 || :; }

which I assume I'd have to change as for binfmt_misc above.

The usb mount is in /etc/rc.sysinit. There are two lines:

mount -n -t proc /proc /proc
[ -d /proc/bus/usb ] && mount -n -t usbfs /proc/bus/usb /proc/bus/usb

mount -f /dev/pts
[ -f /proc/bus/usb/devices ] && mount -f -t usbfs usbfs /proc/bus/usb

I haven't a clue as to how to modify these without breaking something.

Any comments?

Bill Tangren
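
Added example, not part of the original post or of Red Hat's scripts: two shell functions, one listing the mounts whose options lack nosuid from mount(8)-style output, one appending nosuid to chosen /etc/fstab entries. The function names and the /tmp sample lines are assumptions made for illustration; the rewrite relies on `defaults,nosuid` being accepted in the fstab options field, with the later option overriding the suid implied by defaults.

```shell
#!/bin/sh
# List "<mountpoint> <fstype>" for mount(8)-style lines on stdin lacking nosuid.
# Format, as in the post: <device> on <mountpoint> type <fstype> (<opts>)
missing_nosuid() {
    awk '$2 == "on" && $4 == "type" {
        opts = $NF; gsub(/[()]/, "", opts)
        n = split(opts, o, ","); found = 0
        for (i = 1; i <= n; i++) if (o[i] == "nosuid") found = 1
        if (!found) print $3, $5
    }'
}

# Append nosuid to field 4 of the fstab entries on stdin whose mount point is
# an argument. Other lines pass through; rewritten lines are tab-separated.
fstab_add_nosuid() {
    awk -v targets="$*" '
    BEGIN { OFS = "\t"; n = split(targets, t, " "); for (i = 1; i <= n; i++) want[t[i]] = 1 }
    /^[ \t]*#/ || NF < 4 || !($2 in want) { print; next }
    {
        m = split($4, o, ",")
        for (i = 1; i <= m; i++) if (o[i] == "nosuid") { print; next }
        $4 = $4 ",nosuid"; print
    }'
}

# Mount lines quoted in the post, plus one constructed /tmp line with nosuid.
sample_mounts() {
    cat <<'EOF'
none on /sys type sysfs (rw)
usbfs on /proc/bus/usb type usbfs (rw)
/dev/sda1 on /boot type ext3 (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
/dev/sda2 on /tmp type ext3 (rw,nosuid,nodev)
EOF
}

# fstab entries quoted in the post, plus a constructed comment and /tmp entry.
sample_fstab() {
    cat <<'EOF'
# constructed comment line
LABEL=/boot /boot ext3    defaults        1 2
none        /sys  sysfs   defaults        0 0
/dev/sda2   /tmp  ext3    defaults,nosuid 1 2
EOF
}

sample_mounts | missing_nosuid
sample_fstab | fstab_add_nosuid /boot /sys
```

On a live system, pipe the output of `mount` into `missing_nosuid`; `fstab_add_nosuid` writes the rewritten table to stdout so it can be diffed against /etc/fstab before replacing it.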



