Filed under:
How to secure /tmp partition on openVZ
You should always secure your /tmp partition, but due to the way a vps is
setup, you cannot mount due to loop back issues, follow the tutorial below,
and you can secure it with 7 simple commands!
Ensure you first have made the partition the size you wish!
- rm -rf /tmp (Get rid of the old)
- mkdir /tmp (In with the new)
- mount -t tmpfs -o rw,noexec,nosuid tmpfs /tmp (mount it)
- chmod 1777 /tmp (Set the correct permissions)
- echo "tmpfs /tmp tmpfs rw,noexec,nosuid 0 0" >> /etc/fstab (disable it from running scripts in fstab)
- rm -rf /var/tmp
- ln -s /tmp /var/tmp
You may also add an extra line to fstab (vi /etc/fstab) and add the line:
none /tmp tmpfs nodev,nosuid,noexec 0 0
You can now be at ease knowing your /tmp partition is secure, and exploits cannot run in the partition!
Add to Favourites Print this Article
Also Read