CentOS OpenVZ – how to secure tmp directory

First thing that we need to do is open up the fstab file for editing, we are going to use nano for this, however any editor will do the job.

nano -w /etc/fstab

Now we need to create a new line, so navigate to the bottom of the file using your arrow key’s and append the following line, I recommend copying & pasting to ensure you don’t get it wrong.

none /tmp tmpfs nodev,nosuid,noexec 0 0
mount -o remount /tmp

There is also another temp directory which is wise to secure (/var/tmp dir)
So make a backup (don’t skip this step, you need the files in a bit)

mv /var/tmp /var/tmpfiles

We can now make a link to map /tmp to /var/tmp

ln -s /tmp /var/tmp

Restore the files from the backup you made before

cp /var/tmpfiles/* /tmp/

Restore the files from the backup you made before, and make sure that the files in tmpfiles are now in tmp.

ls /var/tmpfiles
ls /var/tmp

If it looks ok, you can remove the tmpfiles directory.

rm -rf /var/tmpfiles

That’s it! You should now be a bit more secure!

Advertisements
  1. What’s up everyone, it’s my first go to see at this web page, and post is genuinely fruitful
    in support of me, keep up posting such articles.

  2. Definitely, what a fantastic website and enlightening posts, I surely will bookmark your blog.
    All the Best!

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: