How to Secure tmp, /dev/shm and /var/tmp folders to stop upload flood hacks/root kit via php injections#

Secure /tmp folder#

  • Create 2000MB file for our /tmp partition space
 dd if=/dev/zero of=/var/tmpMount bs=1024 count=2000000

OR

  • Create 1000MB file for our /tmp partition space
 dd if=/dev/zero of=/var/tmpMount bs=1024 count=1000000
 mkfs.ext3 /var/tmpMount
  • choose y
  • Make an extended filesystem for our tmpMount file
  • Backup /tmp folder
 cp -R /tmp /tmpbak
  • Mount the new /tmp filesystem with noexec
 mount -o loop,noexec,nosuid,rw /var/tmpMount /tmp
 chmod 1777 /tmp
  • Copy everything back to new /tmp and remove backup
 cp -R /tmpbak/* /tmp/
 rm -rf /tmpbak
  • Edit fstab so it mounts on reboot
 vi /etc/fstab
LABEL=/boot             /boot                   ext3    defaults        1 2
tmpfs                   /dev/shm                tmpfs   defaults        0 0
devpts                  /dev/pts                devpts  gid=5,mode=620  0 0
sysfs                   /sys                    sysfs   defaults        0 0
proc                    /proc                   proc    defaults        0 0
/dev/VolGroup00/LogVol01 swap                    swap    defaults        0 0

  • Add the following to fstab
 /var/tmpMount             /tmp                    ext2    loop,noexec,nosuid,rw 0 0
  • Save
:qw
  • /tmp is now mounted as noexec. Permission denied when executed

Secure /var/tmp folder#

  • Rename /var/tmp and create a symbolic link to /tmp
mv /var/tmp /var/tmpbak
ln -s /tmp /var/tmp
cp -R /var/tmpbak/* /tmp/
rm -rf /var/tmpbak

Secure /dev/shm folder#

  • Ensure that /dev/shm has noexec by editing fstab
tmpfs                   /dev/shm                tmpfs   defaults,nosuid,noexec,rw 0 0
mount -o remount /dev/shm

Back to linux

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-27) was last changed on 24-May-2017 15:30 by Hyve Support
G’day (anonymous guest) My Prefs
  • View Page Source
  • This clear IPSec security association,
    clear ipsec sa peer X.X.X.X
    

All Pages

Page views: 9788

Private Tomcat

Linux

MySQL

Email

SQL Server

ASP

JSP

C#

Web Mail

Windows Plesk

Linux Plesk

PHP

Gaming

ASP.NET

Persits ASPUpload

Wiki Help

Referring Pages:
...nobody

JSPWiki v2.8.1