I found a user has a cron on /var/tmp/ and the file executed is Unix malware based on a ClamAV scan.
Why can he run the script on /var/tmp/?
Is my /tmp secure?
I have run /scripts/securetmp
and this is my fstab:
Code:
LABEL=root / ext4 errors=remount-ro,usrjquota=quota.user,jqfmt=vfsv0 1 1
none /dev/shm tmpfs defaults 0 0
/dev/vda2 swap swap defaults 0 0
/usr/tmpDSK /tmp ext3 defaults,noauto 0 0
/tmp /var/tmp ext3 defaults,bind,noauto 0 0
And when running /scripts/securetmp again, I get this error:
*** Notice *** No loop module detected
If the loopback block device is built as a module, try running `modprobe loop` as root via ssh and running this script again.
If the loopback block device is built into the kernel itself, you can ignore this message.
My server is a KVM VPS.
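
An added example, not part of the original post: a shell check that reads a mount table in fstab or /proc/mounts format and reports which of /tmp, /var/tmp and /dev/shm lack noexec, nosuid or nodev, run here on the fstab quoted above. The function name audit_tmp_mounts and the choice of those three options are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit mount options of world-writable temp paths.
# Input format (fstab or /proc/mounts): device, mount point, type, options, ...

# Constructed sample: the fstab lines quoted in the post above.
SAMPLE_FSTAB='LABEL=root / ext4 errors=remount-ro,usrjquota=quota.user,jqfmt=vfsv0 1 1
none /dev/shm tmpfs defaults 0 0
/dev/vda2 swap swap defaults 0 0
/usr/tmpDSK /tmp ext3 defaults,noauto 0 0
/tmp /var/tmp ext3 defaults,bind,noauto 0 0'

# audit_tmp_mounts (hypothetical helper): reads a mount table on stdin and
# prints one line per path: "<path> ok", "<path> missing=<options>",
# or "<path> not-listed" when the table has no entry for it.
audit_tmp_mounts() {
    awk '
    BEGIN {
        n = split("/tmp /var/tmp /dev/shm", paths, " ")
        m = split("noexec nosuid nodev", want, " ")
    }
    /^[ \t]*#/ || NF < 4 { next }          # skip comments and short lines
    {
        for (i = 1; i <= n; i++) if ($2 == paths[i]) {
            seen[$2] = 1
            miss = ""
            k = split($4, have, ",")       # option field is comma-separated
            for (j = 1; j <= m; j++) {
                found = 0
                for (h = 1; h <= k; h++) if (have[h] == want[j]) found = 1
                if (!found) miss = miss (miss == "" ? "" : ",") want[j]
            }
            # a later entry for the same path overrides an earlier one
            result[$2] = (miss == "" ? "ok" : "missing=" miss)
        }
    }
    END {
        for (i = 1; i <= n; i++) {
            p = paths[i]
            print p, ((p in seen) ? result[p] : "not-listed")
        }
    }'
}

# Configured state from the sample. For the live state on a host:
#   audit_tmp_mounts < /proc/mounts
printf '%s\n' "$SAMPLE_FSTAB" | audit_tmp_mounts
```

Because these fstab entries are noauto, the file shows only what is configured; feed /proc/mounts to the function for what is actually mounted. noexec blocks direct execution of a file on that mount, but a script passed as an argument to an interpreter such as sh or perl still runs.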