Hello,

So here I am again for another tut. This time we are securing /tmp and /dev/shm.

Lets get started.

Part 1 : Securing /tmp

Step 1 : Make a 1GB(Or more) file for /tmp and an ext3 filesystem for tmp
Code: 
dd if=/dev/zero of=/dev/tmpFS bs=1024 count=1000000
/sbin/mkfs.ext3 /dev/tmpFS
Step 2 : Create a backup copy of your current /tmp drive
Code: 
cp -Rpf /tmp /tmpbackup
Step 3 : Mount our new tmp parition and change permissions
Code: 
mount -o loop,noexec,nosuid,rw /dev/tmpFS /tmp
chmod 1777 /tmp
Step 4 : Copy old data
Code: 
cp -Rpf /tmpbackup/* /tmp/
Step 5 : Edit /etc/fstab and add this
Code: 
/dev/tmpMnt /tmp ext3 loop,nosuid,noexec,rw 0 0
Step 6 : Test your fstab entry
Code: 
mount -o remount /tmp
Part 2 : Secure /var/tmp

Step 1 : Rename it and create a symbolic link to /tmp
Code: 
mv /var/tmp /var/tmp1
ln -s /tmp /var/tmp
Step 2 : Copy the old data back
Code: 
cp /var/tmpold/* /tmp/
Step 3 : Restart services that use the /tmp partion

Part 3 : Securing /dev/shm

Step 1 : Edit your /etc/fstab
Code: 
nano /etc/fstab
change:
"none /dev/shm tmpfs defaults,rw 0 0" to
"none /dev/shm tmpfs defaults,nosuid,noexec,rw 0 0"

Step 2 : Remount /dev/shm
Code: 
mount -o remount /dev/shm

And their you go All done!

*Note* if you have cpanel installed just run /scripts/securetmp in ssh
.:Raymond:. Reviewed by .:Raymond:. on . [TUT] Securing /tmp and /dev/shm partion Hello, So here I am again for another tut. This time we are securing /tmp and /dev/shm. Lets get started. Part 1 : Securing /tmp Step 1 : Make a 1GB(Or more) file for /tmp and an ext3 filesystem for tmp dd if=/dev/zero of=/dev/tmpFS bs=1024 count=1000000 Rating: 5