Knowledgebase

How to secure /tmp partition on openVZ

You should always secure your /tmp partition, but due to the way a vps is

setup, you cannot mount due to loop back issues, follow the tutorial below,

and you can secure it with 7 simple commands!

Ensure you first have made the partition the size you wish!

1. rm -rf /tmp (Get rid of the old)
2. mkdir /tmp (In with the new)
3. mount -t tmpfs -o rw,noexec,nosuid tmpfs /tmp (mount it)
4. chmod 1777 /tmp (Set the correct permissions)
5. echo "tmpfs   /tmp    tmpfs   rw,noexec,nosuid        0       0" >> /etc/fstab (disable it from running scripts in fstab)
6. rm -rf /var/tmp
7. ln -s /tmp /var/tmp

You may also add an extra line to fstab (vi /etc/fstab) and add the line:

none /tmp tmpfs nodev,nosuid,noexec 0 0

You can now be at ease knowing your /tmp partition is secure, and exploits cannot run in the partition!

Add to Favourites    Print this Article

How to Refresh/Update cPanel Licence Key / Run Licence Script (Views: 11401)

Can reverse DNS (rDNS) be set up? (Views: 2784)

Set up SSH for use without a password? (Views: 2052)

Can you create a customised plan for me? (Views: 2302)

How do I Allow Remote Access to MySQL for Specific Users to My Virtual/Dedicated/Cloud Server (Views: 4610)