Temporary directories such as /tmp, /var/tmp and /dev/shm provide space for malicious executables on linux operating systems.Malicious users can use this space to execute unwanted program on your server.For prevent this case you must disable nosuid, nodevand noexec on this partition.
- nosuid – Do not set SUID/SGID access on this partition
- nodev – Do not character or special devices on this partition
- noexec – Do not set execution of any binaries on this partition
Add nosuid, nodev and noexec to /tmp, /var/tmp and /dev/shm
Edit the file /etc/fstab:
nano -w /etc/fstab
Add following to your /etc/fstab:
/tmp /tmp tmpfs defaults,nosuid,noexec 0 0 /var/tmp /var/tmp tmpfs defaults,nosuid,noexec 0 0 /dev/shm /dev/shm tmpfs defaults,noexec,nosuid 0 0
Save and exit . Now run following command:
mount -a
Blogger Comment
Facebook Comment