Powered by Blogger.

Securing /tmp, /var/tmp and dev/shm directories

Temporary directories such as /tmp, /var/tmp and /dev/shm provide space for malicious executables on  operating systems.Malicious users can use this space to execute unwanted program on your server.For prevent this case you must  nosuidnodevand noexec on this partition.

  • nosuid – Do not set SUID/SGID access on this partition
  • nodev – Do not character or special devices on this partition
  • noexec – Do not set execution of any binaries on this partition
Add nosuidnodev and noexec to /tmp, /var/tmp and /dev/shm
Edit the file /etc/fstab:
nano -w /etc/fstab
Add following to your /etc/fstab:
/tmp /tmp tmpfs defaults,nosuid,noexec 0 0
/var/tmp /var/tmp tmpfs defaults,nosuid,noexec 0 0
/dev/shm /dev/shm tmpfs defaults,noexec,nosuid 0 0
Save and exit . Now run following command:
mount -a
    Blogger Comment
    Facebook Comment