securing /tmp on cpanel box

I was told on ExpertExchange about this method of securing tmp partition. Do you agree this is good and will not conflict with anything on a production server?

To protect your /tmp directory, do the following:


# lsof | grep /tmp

this will display a list of services using your /tmp directory, stop these services.

then run the following:
==============
cd /
dd if=/dev/zero of=/tmpdir bs=1024 count=200000
mkfs.ext3 -F /tmpdir
mv /tmp /tmp.backup
mkdir /tmp
mount -o loop,noexec,nosuid,rw /tmpdir /tmp
chmod 0777 /tmp
if ! grep -qai tmpdir /etc/fstab ; then
echo "/tmpdir /tmp ext3 loop,noexec,nosuid,rw 0 0" >> /etc/fstab
fi
mount -a
cp /bin/ls /tmp/
/tmp/ls
===============

This should give you an output like this:

-bash: /tmp/ls: Permission denied


Then restart your services, this way scripts like that won't be allowed to to run out of your /tmp directory.

 

 

 

 

Top