Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Is my /tmp /usr/tmpDSK secure?

Discussion in 'Security' started by lambov, Feb 14, 2017.

  1. lambov

    lambov Member

    Joined:
    Oct 9, 2016
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Earth
    cPanel Access Level:
    Root Administrator
    i found user has cron on /var/tmp/ and the file executed is unix malware based clamav scan

    why can he run the script on /var/tmp/ ?
    is my /tmp secure?

    i have run /scripts/securetmp
    and this is my fstab
    Code:
    LABEL=root      /       ext4    errors=remount-ro,usrjquota=quota.user,jqfmt=vfsv0      1       1
    none             /dev/shm      tmpfs   defaults                    0 0
    
    /dev/vda2        swap       swap       defaults        0 0
    /usr/tmpDSK             /tmp                    ext3    defaults,noauto        0 0
    /tmp             /var/tmp                    ext3    defaults,bind,noauto        0 0
    and when running /scripts/securetmp again, i get this error:
    *** Notice *** No loop module detected
    If the loopback block device is built as a module, try running `modprobe loop` as root via ssh and running this script again.
    If the loopback block device is built into the kernel itself, you can ignore this message.

    my server is KVM vps
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,699
    Likes Received:
    1,790
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    The following post offers a workaround to this issue so you can mount /tmp with the noexec, nodev, and nosuid flags to help ensure /tmp is secured against attacks:

    secure /tmp directory

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. lambov

    lambov Member

    Joined:
    Oct 9, 2016
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Earth
    cPanel Access Level:
    Root Administrator
    my server is KVM and not openvz

    thanks
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,699
    Likes Received:
    1,790
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    The workaround should help to address the issue on additional environments. Can you confirm the instructions in that thread are not working on your system?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice