Knowledgebase

How to secure /tmp partition on openVZ

You should always secure your /tmp partition, but due to the way a vps is

setup, you cannot mount due to loop back issues, follow the tutorial below,

and you can secure it with 7 simple commands!

Ensure you first have made the partition the size you wish!

1. rm -rf /tmp (Get rid of the old)
2. mkdir /tmp (In with the new)
3. mount -t tmpfs -o rw,noexec,nosuid tmpfs /tmp (mount it)
4. chmod 1777 /tmp (Set the correct permissions)
5. echo "tmpfs   /tmp    tmpfs   rw,noexec,nosuid        0       0" >> /etc/fstab (disable it from running scripts in fstab)
6. rm -rf /var/tmp
7. ln -s /tmp /var/tmp

You may also add an extra line to fstab (vi /etc/fstab) and add the line:

none /tmp tmpfs nodev,nosuid,noexec 0 0

You can now be at ease knowing your /tmp partition is secure, and exploits cannot run in the partition!

Add to Favourites    Print this Article

I've orded a Windows VPS and can't get into 'WHM' as stated in the welcome email. (Views: 1985)

What are the exact specs of your hardware? (Views: 2564)

Linux How-To Monitor DD Progress Copying A Drive to a New One (Views: 44967)

What exclusions are there to your "Zero Downtime or Zero Invoice" SLA? (Views: 2691)

How to Refresh/Update cPanel Licence Key / Run Licence Script (Views: 11313)