How to secure /tmp partition on openVZ Print

  • 24

You should always secure your /tmp partition, but due to the way a vps is setup, you cannot mount due to loop back issues, follow the tutorial below, and you can secure it with 7 simple commands!

Ensure you first have made the partition the size you wish!

Step one: rm -rf /tmp (Get rid of the old)

Step two: mkdir /tmp (In with the new)

Step three: mount -t tmpfs -o rw,noexec,nosuid tmpfs /tmp (mount it)

Step four: chmod 1777 /tmp (Set the correct permissions)

Step five: echo "tmpfs   /tmp    tmpfs   rw,noexec,nosuid        0       0" >> /etc/fstab (disable it from running scripts in fstab)

Step six: rm -rf /var/tmp

Step seven: ln -s /tmp /var/tmp

You may also add an extra line to fstab (vi /etc/fstab) and add the line: none /tmp tmpfs nodev,nosuid,noexec 0 0

You can now be at ease knowing your /tmp partition is secure, and exploits cannot run in the partition!

Was this answer helpful?

« Back

Powered by WHMCompleteSolution