The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Is my /tmp /usr/tmpDSK secure?

Discussion in 'Security' started by lambov, Feb 14, 2017.

  1. lambov

    lambov Member

    Joined:
    Oct 9, 2016
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Earth
    cPanel Access Level:
    Root Administrator
    i found user has cron on /var/tmp/ and the file executed is unix malware based clamav scan

    why can he run the script on /var/tmp/ ?
    is my /tmp secure?

    i have run /scripts/securetmp
    and this is my fstab
    Code:
    LABEL=root      /       ext4    errors=remount-ro,usrjquota=quota.user,jqfmt=vfsv0      1       1
none             /dev/shm      tmpfs   defaults                    0 0

/dev/vda2        swap       swap       defaults        0 0
/usr/tmpDSK             /tmp                    ext3    defaults,noauto        0 0
/tmp             /var/tmp                    ext3    defaults,bind,noauto        0 0
    and when running /scripts/securetmp again, i get this error:
    *** Notice *** No loop module detected
    If the loopback block device is built as a module, try running `modprobe loop` as root via ssh and running this script again.
    If the loopback block device is built into the kernel itself, you can ignore this message.

    my server is KVM vps
     
    #1 lambov, Feb 14, 2017
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,288
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    The following post offers a workaround to this issue so you can mount /tmp with the noexec, nodev, and nosuid flags to help ensure /tmp is secured against attacks:

    secure /tmp directory

    Thank you.
     
    #2 cPanelMichael, Feb 15, 2017
  3. lambov

    lambov Member

    Joined:
    Oct 9, 2016
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Earth
    cPanel Access Level:
    Root Administrator
    my server is KVM and not openvz

    thanks
     
    #3 lambov, Feb 16, 2017
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,288
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    The workaround should help to address the issue on additional environments. Can you confirm the instructions in that thread are not working on your system?

    Thank you.
     
    #4 cPanelMichael, Feb 17, 2017
(You must log in or sign up to post here.)
Loading...
Similar Threads - tmpDSK secure
  1. cEMa

    SOLVED Cookie Does Not Contain The Secure Attribute

    cEMa, Jun 15, 2017, in forum: General Discussion
    Replies:
    4
    Views:
    143
    cPanelMichael
    Jun 16, 2017
  2. Nirjonadda

    SOLVED Your connection is not secure

    Nirjonadda, May 12, 2017, in forum: Security
    Replies:
    3
    Views:
    379
    cPanelMichael
    May 12, 2017
  3. Nirjonadda

    SOLVED Proxy Subdomains unsecured domains

    Nirjonadda, Apr 4, 2017, in forum: General Discussion
    Replies:
    5
    Views:
    436
    cPanelMichael
    Apr 11, 2017
  4. The raw

    Best way to secure server from symlinks?

    The raw, Feb 10, 2017, in forum: Security
    Replies:
    3
    Views:
    451
    The raw
    Feb 13, 2017
  5. Andyhue

    SOLVED Secure cloud server?

    Andyhue, Dec 30, 2016, in forum: Security
    Replies:
    1
    Views:
    239
    cPanelMichael
    Jan 6, 2017

Share This Page