Results 1 to 1 of 1
-
16th Jun 2014, 01:06 PM #1
ecuring /tmp partition cPanel/WHM
If you are renting a server then chances are everything is lumped in / and a small amount partitioned for /boot and some for swap. With this current setup, you have no room for making more partitions unless you have a second hard-drive. Learn how to create a secure /tmp partition even while your server is already up and running.
Recently, I found out it would be worthwhile to give /tmp it's own partition and mount it using noexec- This would protect your system from MANY local and remote exploits of rootkits being run from your /tmp folder.
What we are doing it creating a file that we will use to mount at /tmp. So log into SSH and SU to root so we may being!
Code:cd /dev
Code:dd if=/dev/zero of=tmpMnt bs=1024 count=100000
Code:/sbin/mke2fs /dev/tmpMnt
Code:cd /
Code:cp -R /tmp /tmp_backup
Code:mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp
Code:chmod 0777 /tmp
Code:cp -R /tmp_backup/* /tmp/
Code:rm -rf /tmp_backup
Code:pico -w /etc/fstab
Code:/dev/hda3 / ext3 defaults,usrquota 1 1 /dev/hda1 /boot ext3 defaults 1 2 none /dev/pts devpts gid=5,mode=620 0 0 none /proc proc defaults 0 0 none /dev/shm tmpfs defaults 0 0 /dev/hda2 swap swap defaults 0 0
Code:/dev/tmpMnt /tmp ext2 loop,noexec,nosuid,rw 0 0
Save it!
Ctrl + X and Y
Your done- /tmp is now mounted as noexec. You can sleep a little bit safer tonight. I created a hello world c++ and compiled it then moved it to /tmp. Upon trying to run it (even chmod +x'ed), it gives the following error:
Code:bash: ./a.out: Permission denied
Areon Reviewed by Areon on . ecuring /tmp partition cPanel/WHM If you are renting a server then chances are everything is lumped in / and a small amount partitioned for /boot and some for swap. With this current setup, you have no room for making more partitions unless you have a second hard-drive. Learn how to create a secure /tmp partition even while your server is already up and running. Recently, I found out it would be worthwhile to give /tmp it's own partition and mount it using noexec- This would protect your system from MANY local and remote Rating: 5
Sponsored Links
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Similar Threads
-
[Shared] UnderHost .:. Offshore Hosting * $5.00 * Daily Backups * cPanel/WHM
By xmsax in forum ArchiveReplies: 4Last Post: 1st May 2009, 09:49 PM -
CPanel/WHM
By d3monic in forum Server ManagementReplies: 5Last Post: 26th Mar 2009, 06:03 PM -
[Shared] UnderHost .:. Offshore Hosting - $5.00 + Daily Backups + cPanel/WHM
By xmsax in forum ArchiveReplies: 9Last Post: 17th Feb 2009, 01:48 PM -
[VPS] UnderHost .:. December Coupon - VPS - 60% OFF + FREE CPanel/WHM
By xmsax in forum ArchiveReplies: 10Last Post: 8th Feb 2009, 11:33 PM -
Installing cPanel + WHM
By Lease in forum Technical and Security TutorialsReplies: 1Last Post: 11th Jan 2008, 12:14 AM
themaManager - edit and manage...
Version 4.04 released. Open older version (or...