+- Linux-Noob Forums (https://www.linux-noob.com/forums)
+-- Forum: Linux Noob (https://www.linux-noob.com/forums/forum-3.html)
+--- Forum: Tips and Tricks (https://www.linux-noob.com/forums/forum-59.html)
+---- Forum: Filesystem Management (https://www.linux-noob.com/forums/forum-26.html)
+---- Thread: Securing your /tmp directory (/thread-3353.html)
Securing your /tmp directory - vandal - 2004-05-28
Securing your /tmp directory could save you from an un-updated PHP script, where someone attempts to write an executable program with malicous code too.
I AM NOT RESPONSIBLE FOR ANY PROBLEMS THIS MAY CAUSE
that being said, lets get to it:
Code:
cd /devCreate 500MB file for our /tmp partition. If you need more space, make count size larger.
Code:
dd if=/dev/zero of=tmpMnt bs=1024 count=500000Make an extended filesystem for our tmpMnt file
Code:
/sbin/mke2fs /dev/tmpMntBackup your /tmp dir- I had mysql.sock file that I needed to recreate the symbolic link for. Other programs may use it to store cache files or whatever.
Code:
cd /Code:
cp -pR /tmp /tmp_backupMount the new /tmp filesystem with noexec
Code:
mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmpCode:
chmod 0777 /tmpCopy everything back to new /tmp and remove backup
Code:
cp -pR /tmp_backup/* /tmp/Now we need to add this to fstab so it mounts automatically on reboots.
Code:
pico -w /etc/fstabYou should see something like this:
Code:
/dev/hda3