Securing your VPS /tmp
Posted by cikul | Posted in Linux | Posted on 26-07-2008-05-2008
0
tmp can be secured to be noexec in 1 minute, no reboot required. Nothing can execute there – /var/tmp remains a risk – unless that is mounted separately also:
/dev/VolGroup00/LogVol02 /tmp ext3 defaults,nosuid,noexec 1 2
edit the /etc/fstab file, then do a mount -o remount and it will remount /tmp and you are set – just don’t be in /tmp when remounting.