Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Is my /tmp /usr/tmpDSK secure?

Discussion in 'Security' started by lambov, Feb 14, 2017.

  1. lambov

    lambov Member

    Joined:
    Oct 9, 2016
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Earth
    cPanel Access Level:
    Root Administrator
    i found user has cron on /var/tmp/ and the file executed is unix malware based clamav scan

    why can he run the script on /var/tmp/ ?
    is my /tmp secure?

    i have run /scripts/securetmp
    and this is my fstab
    Code:
    LABEL=root      /       ext4    errors=remount-ro,usrjquota=quota.user,jqfmt=vfsv0      1       1
none             /dev/shm      tmpfs   defaults                    0 0

/dev/vda2        swap       swap       defaults        0 0
/usr/tmpDSK             /tmp                    ext3    defaults,noauto        0 0
/tmp             /var/tmp                    ext3    defaults,bind,noauto        0 0
    and when running /scripts/securetmp again, i get this error:
    *** Notice *** No loop module detected
    If the loopback block device is built as a module, try running `modprobe loop` as root via ssh and running this script again.
    If the loopback block device is built into the kernel itself, you can ignore this message.

    my server is KVM vps
     
    #1 lambov, Feb 14, 2017
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    42,693
    Likes Received:
    1,703
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    The following post offers a workaround to this issue so you can mount /tmp with the noexec, nodev, and nosuid flags to help ensure /tmp is secured against attacks:

    secure /tmp directory

    Thank you.
     
    #2 cPanelMichael, Feb 15, 2017
  3. lambov

    lambov Member

    Joined:
    Oct 9, 2016
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Earth
    cPanel Access Level:
    Root Administrator
    my server is KVM and not openvz

    thanks
     
    #3 lambov, Feb 16, 2017
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    42,693
    Likes Received:
    1,703
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    The workaround should help to address the issue on additional environments. Can you confirm the instructions in that thread are not working on your system?

    Thank you.
     
    #4 cPanelMichael, Feb 17, 2017
(You must log in or sign up to post here.)
Loading...
Similar Threads - tmpDSK secure
  1. bloom360

    Go from a /tmp partition to tmpDSK?

    bloom360, Nov 30, 2017, in forum: General Discussion
    Replies:
    3
    Views:
    185
    cPanelMichael
    Dec 4, 2017
  2. rhm.geerts

    securetmp on centos 7 error

    rhm.geerts, Apr 9, 2018, in forum: Security
    Replies:
    5
    Views:
    52
    cPanelLauren
    Apr 9, 2018
  3. Razva

    How to secure Portmapper with NFS?

    Razva, Apr 9, 2018, in forum: Security
    Replies:
    3
    Views:
    47
    cPanelMichael
    Apr 9, 2018
  4. syamsudin

    Unsecure cookie still getting sent even though service disabled

    syamsudin, Jan 28, 2018, in forum: Security
    Replies:
    9
    Views:
    272
    cPanelMichael
    Feb 13, 2018
  5. DragonByte Tech

    SOLVED Transfer Tool: ctl_dir /root/.libnet-openssh-perl/ is not secure

    DragonByte Tech, Jan 22, 2018, in forum: General Discussion
    Replies:
    5
    Views:
    190
    cPanelMichael
    Jan 22, 2018

Share This Page