Securing your VPS /tmp

Posted by cikul | Posted in Linux | Posted on 26-07-2008-05-2008


tmp can be secured to be noexec in 1 minute, no reboot required. Nothing can execute there – /var/tmp remains a risk – unless that is mounted separately also:

/dev/VolGroup00/LogVol02 /tmp ext3 defaults,nosuid,noexec 1 2

edit the /etc/fstab file, then do a mount -o remount and it will remount /tmp and you are set – just don’t be in /tmp when remounting.

Write a comment