Security of /tmp /var/tmp /usr/tmpDSK

Comments

4 comments

  • MilesWeb
    > In order to protect the tmp dir, I added these lines to /etc/fstab:
    >
    >     tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0
    >     /dev/hd2/tmp /tmp ext4 defaults,nodev,nosuid,noexec 0 0
    >     /tmp /var/tmp none rw,noexec,nosuid,nodev,bind 0 0
    >
    > Is this enough to protect the tmp dir? Should I put noexec,nosuid,nodev on the home directory as well? Thank you.

    I would recommend adding nodev, nosuid, and noexec. To know more, refer to "Linux Security: Mount /tmp With nodev, nosuid, and noexec Options" (http://www.cyberciti.biz/faq/linux-add-nodev-nosuid-noexec-options-to-temporary-storage-partitions/) once. Are you using a dedicated server or a VPS?
    0
  • cPanelMichael
    Hello :) That's sufficient for your /tmp partition, but I do not suggest making the same changes for your /home partition. The default mount options for /home are generally acceptable, and adding flags such as "noexec" on /home can lead to permission errors. Thank you.
    0
  • Augusto Will
    Are these three lines correct? (About security questions.)

        tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0
        /dev/hd2/tmp /tmp ext4 defaults,nodev,nosuid,noexec 0 0
        /tmp /var/tmp none rw,noexec,nosuid,nodev,bind 0 0

    @milesgeek Dedicated Server.

    @cPanelMichael What kind of permissions errors? Thank you.
    0
  • cPanelMichael
    I don't see any issues with your /tmp mount based on that output.
    > @cPanelMichael What kind of permissions errors?

    For instance, I've seen cases where Apache will not build because /home is mounted "noexec" and Apache is built from /home/cpeasyapache. Thank you.
    0
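
A way to check that the options from the fstab lines in this thread are present on /tmp, /var/tmp and /dev/shm, as an added example that is not part of the original thread. The function names and the sample mount table are constructed for illustration; the sample leaves /dev/shm without noexec so the failing case is visible.

```shell
#!/bin/sh
# Added example: report which of nodev,nosuid,noexec are missing on the
# temporary-storage mounts discussed in this thread.

# missing_opts FILE MOUNTPOINT  (hypothetical helper name)
# FILE uses the fstab / /proc/mounts column layout (device, mount point,
# type, options, ...). Prints "ok", a comma-separated list of missing
# options, or "not-listed" when MOUNTPOINT has no entry.
missing_opts() {
    awk -v mp="$2" '
        $1 ~ /^#/ || NF < 4 { next }          # skip comments and short lines
        $2 == mp { opts = $4; found = 1 }     # last entry wins (stacked mounts)
        END {
            if (!found) { print "not-listed"; exit }
            n = split(opts, have, ",")
            for (i = 1; i <= n; i++) seen[have[i]] = 1
            m = split("nodev nosuid noexec", want, " ")
            out = ""
            for (i = 1; i <= m; i++)
                if (!(want[i] in seen))
                    out = out (out == "" ? "" : ",") want[i]
            print (out == "" ? "ok" : out)
        }' "$1"
}

# check_tmp_mounts FILE: one result line per mount point; returns 1 if any
# of the three mount points is not fully hardened.
check_tmp_mounts() {
    rc=0
    for mp in /tmp /var/tmp /dev/shm; do
        res=$(missing_opts "$1" "$mp")
        printf '%-10s %s\n' "$mp" "$res"
        [ "$res" = "ok" ] || rc=1
    done
    return "$rc"
}

# Constructed sample in /proc/mounts layout (not taken from a real host).
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
/dev/sda3 /tmp ext4 rw,nosuid,nodev,noexec,relatime 0 0
/dev/sda3 /var/tmp ext4 rw,nosuid,nodev,noexec,relatime 0 0
EOF

check_tmp_mounts "$sample" || echo "hardening incomplete"
```

On a live system, pass /proc/mounts to see the options currently in effect, or /etc/fstab to see what is configured for the next mount.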