Is my /tmp /usr/tmpDSK secure?

lambov

Member
Oct 9, 2016
21
0
51
Earth
cPanel Access Level
Root Administrator
i found user has cron on /var/tmp/ and the file executed is unix malware based clamav scan

why can he run the script on /var/tmp/ ?
is my /tmp secure?

i have run /scripts/securetmp
and this is my fstab
Code:
LABEL=root      /       ext4    errors=remount-ro,usrjquota=quota.user,jqfmt=vfsv0      1       1
none             /dev/shm      tmpfs   defaults                    0 0

/dev/vda2        swap       swap       defaults        0 0
/usr/tmpDSK             /tmp                    ext3    defaults,noauto        0 0
/tmp             /var/tmp                    ext3    defaults,bind,noauto        0 0
and when running /scripts/securetmp again, i get this error:
*** Notice *** No loop module detected
If the loopback block device is built as a module, try running `modprobe loop` as root via ssh and running this script again.
If the loopback block device is built into the kernel itself, you can ignore this message.

my server is KVM vps
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,883
2,256
463
and when running /scripts/securetmp again, i get this error:
*** Notice *** No loop module detected
If the loopback block device is built as a module, try running `modprobe loop` as root via ssh and running this script again.
If the loopback block device is built into the kernel itself, you can ignore this message.
Hello,

The following post offers a workaround to this issue so you can mount /tmp with the noexec, nodev, and nosuid flags to help ensure /tmp is secured against attacks:

secure /tmp directory

Thank you.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,883
2,256
463
my server is KVM and not openvz
Hello,

The workaround should help to address the issue on additional environments. Can you confirm the instructions in that thread are not working on your system?

Thank you.