How to Secure /tmp, /dev/shm and /var/tmp folders to stop upload flood hacks/rootkits via PHP injections
Secure /tmp folder
- Create 2000MB file for our /tmp partition space
dd if=/dev/zero of=/var/tmpMount bs=1024 count=2000000
OR
- Create 1000MB file for our /tmp partition space
dd if=/dev/zero of=/var/tmpMount bs=1024 count=1000000
- Make an extended filesystem for our tmpMount file
mkfs.ext3 /var/tmpMount
- Choose y when mkfs warns that /var/tmpMount is not a block special device
- Backup /tmp folder
cp -R /tmp /tmpbak
- Mount the new /tmp filesystem with noexec
mount -o loop,noexec,nosuid,rw /var/tmpMount /tmp
chmod 1777 /tmp
- Copy everything back to new /tmp and remove backup
cp -R /tmpbak/* /tmp/
rm -rf /tmpbak
- Edit fstab so it mounts on reboot
vi /etc/fstab
- The existing entries will look similar to this
LABEL=/boot /boot ext3 defaults 1 2
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
/dev/VolGroup00/LogVol01 swap swap defaults 0 0
- Add the following to fstab
/var/tmpMount /tmp ext3 loop,noexec,nosuid,rw 0 0
- Save and quit
:wq
- /tmp is now mounted as noexec. Trying to execute a file stored in /tmp returns "Permission denied"
Secure /var/tmp folder
- Rename /var/tmp and create a symbolic link to /tmp
mv /var/tmp /var/tmpbak
ln -s /tmp /var/tmp
cp -R /var/tmpbak/* /tmp/
rm -rf /var/tmpbak
Secure /dev/shm folder
- Ensure that /dev/shm has noexec by editing fstab
tmpfs /dev/shm tmpfs defaults,nosuid,noexec,rw 0 0
- Remount /dev/shm so the new options take effect
mount -o remount /dev/shm
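To confirm the result of the steps above, the mount options can be read back from /proc/mounts. The script below is an added example, not part of the original post; its function names and the sample mount table are constructed for illustration, and it assumes a Linux system with /proc/mounts and GNU readlink -f.

```shell
#!/bin/sh
# Constructed sample in /proc/mounts format: /tmp hardened, /dev/shm at defaults.
sample_mounts() {
cat <<'EOF'
/dev/sda1 / ext3 rw 0 0
tmpfs /dev/shm tmpfs rw 0 0
/dev/loop0 /tmp ext3 rw,nosuid,noexec 0 0
EOF
}

# mount_opts MOUNTPOINT FILE: options of the last entry (later mounts shadow earlier ones).
mount_opts() {
    awk -v mp="$1" '$2 == mp { o = $4 } END { if (o != "") print o }' "$2"
}

# audit_mount MOUNTPOINT FILE: 0 = noexec+nosuid set, 1 = option missing, 2 = not a mount.
audit_mount() {
    opts=$(mount_opts "$1" "$2")
    if [ -z "$opts" ]; then
        echo "FAIL $1: not a separate mount"
        return 2
    fi
    missing=""
    for want in noexec nosuid; do
        case ",$opts," in
            *",$want,"*) ;;
            *) missing="$missing $want" ;;
        esac
    done
    if [ -n "$missing" ]; then
        echo "FAIL $1: missing$missing (options: $opts)"
        return 1
    fi
    echo "OK   $1: $opts"
}

# audit_all FILE: check the three paths; /var/tmp is resolved as it is now a symlink to /tmp.
audit_all() {
    rc=0
    for d in /tmp /var/tmp /dev/shm; do
        audit_mount "$(readlink -f "$d")" "$1" || rc=1
    done
    return $rc
}

# Run against the live mount table only when asked: sh audit.sh --live
if [ "${1:-}" = "--live" ]; then audit_all /proc/mounts; fi
```

Run it with --live after the remount; a non-zero exit status means at least one of the three paths is missing noexec or nosuid, or is not mounted separately.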