Eli L

Well-Known Member
Aug 9, 2007
Bellingham, Washington, United States
cPanel Access Level
Root Administrator
I just got a new server and have mounted my /tmp with "noexec,nosuid,nodev" but when I create a simple hello.sh file and run it in /tmp with "sh hello.sh" it executes fine. Its only denied when I run it as "./hello.sh".

Does this mean the partition is not secure?

Heres my stuff:

[email protected] [~]# mount
/dev/sda5 on / type ext4 (rw,usrquota)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
tmpfs on /dev/shm type tmpfs (rw,noexec,nosuid,nodev)
/dev/sda1 on /boot type ext4 (rw)
/dev/sda3 on /tmp type ext4 (rw,noexec,nosuid,nodev)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
/tmp on /var/tmp type none (rw,noexec,nosuid,bind)
[email protected] [~]# cat /etc/fstab

# /etc/fstab
# Created by anaconda on Tue Apr 24 21:49:48 2012
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
UUID=3f56f89a-4b36-474d-9b24-94a4aef85ea2	/	ext4	defaults,usrquota	1	1
UUID=980791a7-58bf-4ea0-a8ea-87f5af5e98a0 /boot                   ext4    defaults        1 2
UUID=5c17fa0e-55c7-4e4d-94a7-64c4791cfc32 /tmp                    ext4    defaults,nosuid,noexec,nodev        1 2
UUID=21796b13-61dd-4d7c-a2a5-2c93067ce1a1 swap                    swap    defaults        0 0
tmpfs                   /dev/shm                tmpfs   defaults,nosuid,noexec,nodev        0 0
devpts                  /dev/pts                devpts  gid=5,mode=620  0 0
sysfs                   /sys                    sysfs   defaults        0 0
proc                    /proc                   proc    defaults        0 0


Apr 22, 2012
cPanel Access Level
DataCenter Provider
The partition is working correctly. What you have here is you found a loophole.

Calling the script file directly, you are running the script as a shell script which of course gets denied but when you prefix with the shell program "sh", it's technically not a script file but rather just a text file just being interpreted by a shell processor which requires no execute permissions to run because it's "not a script".

That could potentially be a very substantial security problem.