Results 1 to 3 of 3
Thread: Securing /dev/shm
-
05-29-2007, 08:24 PM #1Junior Guru
- Join Date
- May 2004
- Posts
- 194
Securing /dev/shm
Hello, just wondering what are the ways I can secure /dev/shm? The permission for this directory is set to 755 but somehow it is still compromised.
The directory permission is changed to 777 by the user apache, and the some flood/bot scripts are uploaded to the directory and executed for outbound ddos.
Can anyone help? Thank you.
-
05-29-2007, 10:39 PM #2Web Hosting Master
- Join Date
- Oct 2004
- Location
- Kerala, India
- Posts
- 4,771
make dev/shm noexec,nosuid from your fstab
----
none /dev/shm tmpfs defaults,noexec,nosuid 0 0
---
Edit your fstab like this to make it noexec and nosuidDavid | www.cliffsupport.com
Affordable Server Management Solutions sales AT cliffsupport DOT com
CliffWebManager | Access WHM from iPhone and Android
-
05-29-2007, 11:51 PM #3Web Hosting Master
- Join Date
- Jan 2005
- Posts
- 2,203
After a reboot, will you need to secure tmp again with those instructions?
LABEL=/ / ext3 defaults,usrquota 1 1
LABEL=/boot1 /boot ext3 defaults 1 2
none /dev/pts devpts gid=5,mode=620 0 0
none /dev/shm tmpfs noexec,nosuid 0 0
LABEL=/home /home ext3 defaults,usrquota 1 2
none /proc proc defaults 0 0
none /sys sysfs defaults 0 0
LABEL=/tmp1 /tmp ext3 defaults 1 2
LABEL=/usr1 /usr ext3 defaults,usrquota 1 2
LABEL=/var1 /var ext3 defaults,usrquota 1 2
LABEL=SWAP-sda5 swap swap pri=0,defaults 0 0
/dev/sdb1 /hdd1 ext3 defaults,usrquota 0 0
/dev/hda /media/cdrom auto pamconsole,exec,noauto,managed 0 0Last edited by HD Fanatic; 05-30-2007 at 12:05 AM.