Results 1 to 7 of 7
  1. #1
    Join Date
    Sep 2008
    Location
    Sweden
    Posts
    1,283

    secure /tmp problem

    hello i have follow this article http://www.eth0.us/tmp
    but csf security still send a warning:

    Check /tmp is mounted as a filesystem WARNING /tmp should be mounted as a separate filesystem with the noexec,nosuid options set

    ======
    these are the output of server:
    [[email protected] ~]# df -h
    Filesystem Size Used Avail Use% Mounted on
    /dev/sda3 76G 3.0G 69G 5% /
    /dev/sda1 99M 19M 76M 20% /boot
    none 502M 0 502M 0% /dev/shm

    [[email protected] ~]# vi /etc/fstab
    LABEL=/ / ext3 defaults,usrquota,grpquota 1 1
    LABEL=/boot /boot ext3 defaults 1 2
    none /dev/shm tmpfs noexec,nosuid 0 0
    devpts /dev/pts devpts gid=5,mode=620 0 0
    sysfs /sys sysfs defaults 0 0
    proc /proc proc defaults 0 0
    LABEL=SWAP-sda2 swap swap defaults 0 0
    /dev/tmpMnt /tmp ext2 loop,noexec,nosuid,rw 0 0

  2. #2
    Join Date
    Jan 2003
    Location
    SLC
    Posts
    2,058
    is the tmp partition mounted
    df -h

    if not mount it

    mount /tmp
    Lowest Host/Empire Technology LLC
    Offering Quality Shared, Reseller, VPS servers, and Dedicated Servers
    24x7 Tech Support http://empire-hosting.net
    XEN Servers Now http://xenserversnow.com - Budget XEN VPS /

  3. #3
    Join Date
    Jun 2003
    Location
    World Wide Web
    Posts
    581
    Reboot the VPS to make the changes take effect.
    SupportExpertz.com - the name says it all!
    Managed Cloud Servers
    Server Management and Monitoring
    24x7 outsourced customer support

  4. #4
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    11,686

    secure /tmp problem

    Quote Originally Posted by supportexpertz View Post
    Reboot the VPS to make the changes take effect.
    This is about the worst advice ever given
    You don't NEED to reboot the VPS just to get this to take affect. Simply remount as instructed before
    WHMCS Guru - WHMCS addons, management, support and more.
    WHMCS Notifications Extended - Add slack, hipchat, SMS, pushover to WHMCS !!
    Always looking for Linux, WHMCS, Support Desk work. PM for details

  5. #5
    Join Date
    Mar 2006
    Location
    Servers
    Posts
    1,588
    This way is not going to work for your VPS cause may be you do not have a loop device.
    QHoster.com - Web Hosting with DDoS Protection | Shared & Reseller in Europe/North America
    Linux/Windows RDP VPS 13 Locations : UK, US (5 states), Mexico, Canada, Bulgaria, Lithuania,
    Italy, France, Germany,Netherlands, Switzerland, Rissia, Singapore | OpenVPN/PPTP Enabled
    INSTANT | PayPal, Skrill, Payza, Bitcoin, WebMoney, Perfect Money, Ukash, CashU, paysafecard

  6. #6
    Quote Originally Posted by mixmox View Post
    hello i have follow this article http://www.eth0.us/tmp
    but csf security still send a warning:

    Check /tmp is mounted as a filesystem WARNING /tmp should be mounted as a separate filesystem with the noexec,nosuid options set

    ======
    these are the output of server:
    [[email protected] ~]# df -h
    Filesystem Size Used Avail Use% Mounted on
    /dev/sda3 76G 3.0G 69G 5% /
    /dev/sda1 99M 19M 76M 20% /boot
    none 502M 0 502M 0% /dev/shm

    [[email protected] ~]# vi /etc/fstab
    LABEL=/ / ext3 defaults,usrquota,grpquota 1 1
    LABEL=/boot /boot ext3 defaults 1 2
    none /dev/shm tmpfs noexec,nosuid 0 0
    devpts /dev/pts devpts gid=5,mode=620 0 0
    sysfs /sys sysfs defaults 0 0
    proc /proc proc defaults 0 0
    LABEL=SWAP-sda2 swap swap defaults 0 0
    /dev/tmpMnt /tmp ext2 loop,noexec,nosuid,rw 0 0

    in which control panel you have this problem ? CPanel or directadmin ?

  7. #7
    Join Date
    Apr 2005
    Posts
    1,711
    Instead of using a flat file, use tmpfs, example in /etc/fstab:

    tmpfs /tmp tmpfs rw,size=2G,nr_inodes=500k,mode=1777,noexec,nosuid 0 0

    Then, unmount current /tmp and `mount /tmp`
    Zach E. - Kualowww.kualo.com
    Shared Web Hosting, Reseller Hosting, Cloud VPS & Dedicated Servers
    UK: 0800 138 3235 ❘ USA: 1-800-995-8256

Similar Threads

  1. secure /tmp and /dev/shm and /var/tmp
    By agrilon in forum Hosting Security and Technology
    Replies: 7
    Last Post: 03-27-2010, 08:44 AM
  2. Problem when trying to secure the /tmp dir
    By AndyJ in forum Hosting Security and Technology
    Replies: 5
    Last Post: 06-26-2007, 12:10 PM
  3. how can secure /tmp /var/tmp in OpenVZ VPS ?
    By anonbeat in forum Hosting Security and Technology
    Replies: 1
    Last Post: 03-15-2007, 06:28 PM
  4. /tmp never secure!!?
    By WebProx in forum Hosting Security and Technology
    Replies: 14
    Last Post: 08-04-2004, 01:30 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •