How to secure /tmp and /dev/shm Partition
Category:
How to secure /tmp if we didn't partition /tmp when installed CentOS. Also, secure /dev/shm to protect rootkits.
1. Secure /tmp partition
1.1: Backup your fstab file
cp /etc/fstab /etc/fstab.bak1.2: Creating tmpMnt partition file (~ 1Gb in size)
cd /var
dd if=/dev/zero of=tmpMnt bs=1024 count=10485761.3: Format new partition
mkfs.ext3 -j /var/tmpMntIt will show
/var/tmpMnt is not a block special device.
Proceed anyway? (y,n)Just press Y
1.4: Making backup of old /tmp
cp -Rp /tmp /tmp_backup1.5: Mount the tmp filesystem
mount -o loop,noexec,nosuid,rw /var/tmpMnt /tmp1.6: Set the right permissions
chmod 0777 /tmp1.7: Copy the files back to new tmp folder
cp -Rp /tmp_backup/* /tmp/1.8: Adding new /tmp filesystem to fstab
echo “/var/tmpMnt /tmp ext3 loop,rw,noexec,nosuid,nodev 0 0″ >> /etc/fstab1.9: No need for 2 tmp partitions, so we symlink /var/tmp to /tmp
rm -rf /var/tmp/
ln -s /tmp/ /var/tmp2: Secure /dev/shm
To stop rootkits to run in /dev/shm, You should secure it.
2.1: Edit your /etc/fstab:
nano -w /etc/fstab2.2: Change
tmpfs /dev/shm tmpfs defaults 0 0to
tmpfs /dev/shm tmpfs defaults,nosuid,noexec 0 02.3: Remount /dev/shm:
mount -o remount /dev/shm
Note : CentOS 5.5 - 64 bits
Source : http://sysadmingear.blogspot.com/2007/10/how-to-secure-tmp-and-devshm-pa...
Add new comment