From 3e592f5959f2a106c28d99a8d7539a6346d47970 Mon Sep 17 00:00:00 2001
From: Brian Gianforcaro <bgianf@serenityos.org>
Date: Sat, 23 Oct 2021 23:08:27 -0700
Subject: [PATCH] Base: Make /usr/Tests read-only since it's now suid capable

Commit cf0dbc906 recently added the ability for setuid binaries to be
located in /usr/Tests. This should really now be read only to mitigate
the potential misuse of any of the setuid binaries.
---
 Base/etc/fstab | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Base/etc/fstab b/Base/etc/fstab
index 1ef2e832aa..4c1f6a35e9 100644
--- a/Base/etc/fstab
+++ b/Base/etc/fstab
@@ -8,6 +8,6 @@
 /root	/root	bind	bind,nodev,nosuid
 /var	/var	bind	bind,nodev,nosuid
 /www	/www	bind	bind,nodev,nosuid
-/usr/Tests	/usr/Tests	bind	bind,nodev
+/usr/Tests	/usr/Tests	bind	bind,nodev,ro
 
 none	/tmp	tmp	nodev,nosuid