noexec tmp
Do you have a 'broken' web application that let's hackers upload files to /tmp and execute them? Here is how to prevent programs uploaded to /tmp from running.
# create a 10MB block device which will be the /tmp file system
cd /root
dd if=/dev/zero of=/root/tmpMnt bs=1024 count=10000
mkfs.ext3 -F /root/tmpMnt
# mount it at /tmp
mv /tmp /tmp.backup
mkdir /tmp
mount -o loop,noexec,nosuid,rw /root/tmpMnt /tmp
chmod 0777 /tmp
# make it so it is used on boot up
if ! grep -qai tmpMnt /etc/fstab ; then
echo "/root/tmpMnt /tmp ext3 loop,noexec,nosuid,rw 0 0" >> /etc/fstab
fi
# check your syntax is ok
mount -a
# check that programs in /tmp will not run
cp /bin/ls /tmp/
/tmp/ls
2 comments (by yves, alicia) |
post comment
Back To RimuHosting.comLogged in Users: (0)
Recently Changed
Hot Snips
- 791012start
- 72986ruby on rails
- 47573postfixadmin on debian sarge
- 16744ajax autocomplete
- 16459liferay install on tomcat 5.5
- 13684postfix notes
- 13512john
- 12296-Xmx settings
- 11869retep
- 11542snipsnap-search
Recently Changed Weblogs
No new weblogs.
people came here from:
- 2 http://www.google.com/search?q=rails+portlet&start=0&ie=utf-8&oe=utf-8&client=firefox-a&...
- 1 http://www.google.com/search?q=ruby+on+rails+portlet&btnG=Search&hl=en&lr=&client=firefo...
- 1 http://www.google.de/search?q=portlet+bash&hl=de&start=10&sa=N
- 1 http://www.google.ro/search?client=firefox-a&rls=org.mozilla%3Aen-US%3Aofficial&channel=...
- 1 http://www.google.com/search?q=liferay+rails+portlet&hl=en&safe=active&client=firefox-a&...
- 1 http://www.google.dk/search?q=rails+portlet&btnG=S%C3%B8g&hl=da&client=firefox-a&rls=org...
- 1 http://www.google.com/search?hl=en&lr=&client=safari&rls=en&q=ruby+portlet&btnG=Search
- 1 www.google.co.in: hot snips
- 1 http://www.google.com/search?hl=en&lr=&newwindow=1&q=ruby+on+rails+portlet
- 1 www.google.com.au: rails portlet