Our Web & Email Hosting ServicesDomain Name RegistrationWindows Media StreamingDedicated ServersVirtual Servers

Securing linux tmp folders - 17th July 2007

Hackers can use your tmp folder to upload and execute their own scripts, this can easily be solved by creating an empty filesystem on your server that does not have execute permissions

heres how:

cd /root

Create 500MB file for our /tmp partition. If you need more space, make count size larger.

dd if=/dev/zero of=tmpMnt bs=1024 count=500000

Make an extended filesystem for our tmpMnt file

/sbin/mke2fs /root/tmpMnt

Mount the new /tmp filesystem with noexec

mount -o loop,noexec,nosuid,rw /root/tmpMnt /tmp

chmod 1777 /tmp

Now we need to add this to fstab so it mounts automatically on reboots.

At the bottom add

/root/tmpMnt             /tmp                    ext2    loop,noexec,nosuid,rw  0 0

Job done!

Web Design News Index

Web Design Package 1 £499
Web Design Package 2 £699
Web Design Package 3 £999
Bespoke Web Design starting from £1499
Web Hosting

© 2008 Theserve LTD | Company No. 6629325 | Web Design & Hosting News | Online Payments | Service Level