Index: [Article Count Order] [Thread]

Date:  Sat, 9 Sep 2006 22:10:21 -0400
From:  "Darrell D. Mobley" <dmobley (at mark) uhostme.net>
Subject:  [coba-e:06811] Re: /TMP Directory
To:  <coba-e (at mark) bluequartz.org>
Message-Id:  <000801c6d47e$45dc6f80$6400a8c0@YOUR4105E587B6>
In-Reply-To:  <007f01c6d45d$635f8810$1e64a8c0@moe>
X-Mail-Count: 06811

Brian, I tried to run your remount commands.  I tried first to run them
individually.  And then I tried to run them all in a block.  Each time, the
server sits after the first command is entered, like it's waiting on
something else.  When I ran it as a block, the second and third commands
repeated themselves on the screen.  When I ran them by themselves, the first
one gave a permissions error (it is 644), so I didn't run the second.

Thoughts?

> -----Original Message-----
> From: Brian N. Smith [mailto:brian (at mark) nuonce.net]
> Sent: Saturday, September 09, 2006 6:15 PM
> To: coba-e (at mark) bluequartz.org
> Subject: [coba-e:06809] Re: /TMP Directory
> 
> > just want to make sure the /TMP security is enabled where files
> > can't be run
> > there.  While I don't think the DDOS attack was successful in
> > running the
> > script, it was successful in shutting down the serer due to MySQL
> > becoming
> 
> [root@bq1 ~]# mount | grep "/tmp"
> /dev/md2 on /tmp type ext3 (rw,noexec,nosuid)
> 
> If your output looks like mine, your good.  Your looking for
> 
> (rw,noexec,nosuid)
> 
> If it isn't there, you can do this;
> 
> # Remount /tmp to be non-executable!
> /usr/bin/perl -pi -e "if (/\/tmp/) { s/defaults/noexec,nosuid,rw/ }"
> /etc/fstab
> /bin/mount -o remount /tmp
> 
> Thanks!
> Brian