Index: [Article Count Order] [Thread]

Date:  Sat, 9 Sep 2006 21:57:12 -0400
From:  "Darrell D. Mobley" <dmobley (at mark) uhostme.net>
Subject:  [coba-e:06810] Re: /TMP Directory
To:  <coba-e (at mark) bluequartz.org>
Message-Id:  <000301c6d47c$6f07e760$6400a8c0@YOUR4105E587B6>
In-Reply-To:  <007f01c6d45d$635f8810$1e64a8c0@moe>
X-Mail-Count: 06810

Thanks, Brian.  Mine only has the "rw".  Before I run those commands you
send, can I expect any other difficulties from doing so?  I don't want my
site to experience problems that I might not have thought of.

> -----Original Message-----
> From: Brian N. Smith [mailto:brian (at mark) nuonce.net]
> Sent: Saturday, September 09, 2006 6:15 PM
> To: coba-e (at mark) bluequartz.org
> Subject: [coba-e:06809] Re: /TMP Directory
> 
> > just want to make sure the /TMP security is enabled where files
> > can't be run
> > there.  While I don't think the DDOS attack was successful in
> > running the
> > script, it was successful in shutting down the serer due to MySQL
> > becoming
> 
> [root@bq1 ~]# mount | grep "/tmp"
> /dev/md2 on /tmp type ext3 (rw,noexec,nosuid)
> 
> If your output looks like mine, your good.  Your looking for
> 
> (rw,noexec,nosuid)
> 
> If it isn't there, you can do this;
> 
> # Remount /tmp to be non-executable!
> /usr/bin/perl -pi -e "if (/\/tmp/) { s/defaults/noexec,nosuid,rw/ }"
> /etc/fstab
> /bin/mount -o remount /tmp
> 
> Thanks!
> Brian