Filed under:

How to secure /tmp partition on openVZ




You should always secure your /tmp partition, but due to the way a vps is

setup, you cannot mount due to loop back issues, follow the tutorial below,

and you can secure it with 7 simple commands!

Ensure you first have made the partition the size you wish!

  1. rm -rf /tmp (Get rid of the old)
  2. mkdir /tmp (In with the new)
  3. mount -t tmpfs -o rw,noexec,nosuid tmpfs /tmp (mount it)
  4. chmod 1777 /tmp (Set the correct permissions)
  5. echo "tmpfs   /tmp    tmpfs   rw,noexec,nosuid        0       0" >> /etc/fstab (disable it from running scripts in fstab)
  6. rm -rf /var/tmp
  7. ln -s /tmp /var/tmp

You may also add an extra line to fstab (vi /etc/fstab) and add the line:

none /tmp tmpfs nodev,nosuid,noexec 0 0

You can now be at ease knowing your /tmp partition is secure, and exploits cannot run in the partition!



Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read

Language: