Results 1 to 3 of 3
  1. #1

    Securing /dev/shm

    Hello, just wondering what are the ways I can secure /dev/shm? The permission for this directory is set to 755 but somehow it is still compromised.

    The directory permission is changed to 777 by the user apache, and the some flood/bot scripts are uploaded to the directory and executed for outbound ddos.

    Can anyone help? Thank you.

  2. #2
    Join Date
    Oct 2004
    Location
    Kerala, India
    Posts
    4,771
    make dev/shm noexec,nosuid from your fstab

    ----
    none /dev/shm tmpfs defaults,noexec,nosuid 0 0

    ---
    Edit your fstab like this to make it noexec and nosuid
    David | www.cliffsupport.com
    Affordable Server Management Solutions sales AT cliffsupport DOT com
    CliffWebManager | Access WHM from iPhone and Android

  3. #3
    Join Date
    Jan 2005
    Posts
    2,203
    After a reboot, will you need to secure tmp again with those instructions?

    LABEL=/ / ext3 defaults,usrquota 1 1
    LABEL=/boot1 /boot ext3 defaults 1 2
    none /dev/pts devpts gid=5,mode=620 0 0
    none /dev/shm tmpfs noexec,nosuid 0 0
    LABEL=/home /home ext3 defaults,usrquota 1 2
    none /proc proc defaults 0 0
    none /sys sysfs defaults 0 0
    LABEL=/tmp1 /tmp ext3 defaults 1 2
    LABEL=/usr1 /usr ext3 defaults,usrquota 1 2
    LABEL=/var1 /var ext3 defaults,usrquota 1 2
    LABEL=SWAP-sda5 swap swap pri=0,defaults 0 0
    /dev/sdb1 /hdd1 ext3 defaults,usrquota 0 0
    /dev/hda /media/cdrom auto pamconsole,exec,noauto,managed 0 0
    even after running /scripts/securetmp it doesn't seem like /tmp is secured.
    Last edited by HD Fanatic; 05-30-2007 at 12:05 AM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •