The Community Forums

Interact with an entire community of cPanel & WHM users.
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

securetmp

Discussion in 'General Discussion' started by erobs, Jan 14, 2004.

  1. erobs

    erobs Well-Known Member

    Joined:
    Nov 24, 2002
    Messages:
    48
    Likes Received:
    0
    Trophy Points:
    6
    Has anyone here had any problems with /scripts/securetmp? I have ran it on one server and it seems to have done what it is supposed to, but I ran that before the server had accounts. I am a little hesitant on servers that have accounts. Any one else run it? What were you results?


    Thank you.
     
  2. kris1351

    kris1351 Well-Known Member

    Joined:
    Apr 18, 2003
    Messages:
    963
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Lewisville, Tx
    It works just fine on new servers and loaded ones. It makes a copy of your tmp directories then copies them back to the new tmp.
     
  3. rs-freddo

    rs-freddo Well-Known Member

    Joined:
    May 13, 2003
    Messages:
    832
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    It works fine.
     
  4. B12Org

    B12Org Well-Known Member

    Joined:
    Jul 15, 2003
    Messages:
    692
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Seattle Washington
    cPanel Access Level:
    Root Administrator
    I never used the script, but I did everything by hand and it worked just fine.
     
  5. Solokron

    Solokron Well-Known Member

    Joined:
    Aug 8, 2003
    Messages:
    849
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Seattle
    cPanel Access Level:
    DataCenter Provider
    Are any of you running RH9 and what did you select for ...

    Would you like to secure /tmp & /var/tmp at boot time?
     
  6. GOT

    GOT Get Proactive!

    Joined:
    Apr 8, 2003
    Messages:
    900
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Norfolk, VA
    cPanel Access Level:
    DataCenter Provider
    FWIW, I tried this on one server and mod_gzip broke hard.
     
  7. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    38
    What happened exactly?
     
  8. GOT

    GOT Get Proactive!

    Joined:
    Apr 8, 2003
    Messages:
    900
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Norfolk, VA
    cPanel Access Level:
    DataCenter Provider
    page cannot be displayed errors. The error_log indicated there were permission problems with mod_gzip writing to the /tmp directory.
     
  9. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    38
    Hmm.. did you check the permissions? Perhaps try moving tmp gzip files to a different dir? Also, not sure if this will help or not, but did you try restarting apache ?
     
  10. GOT

    GOT Get Proactive!

    Joined:
    Apr 8, 2003
    Messages:
    900
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Norfolk, VA
    cPanel Access Level:
    DataCenter Provider
    No, I wsa so frustrated at that point (It took me a while to figure out why pages weren't displaying) I just removed the hack and was done with it.

    I had read somewhere that it didn't make that bigt a difference for an industriuos hacker.
     
  11. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    38
    Thats true to an extent. From my experience at least 95% are just crackers using premade scripts that still need compiled etc. The way I see it, every little bit helps. If you make it harder for people to hack you, they generally move onto the next system. That being said, i think /tmp on its own partition w/ noexec and nosuid is a must.
     
  12. Solokron

    Solokron Well-Known Member

    Joined:
    Aug 8, 2003
    Messages:
    849
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Seattle
    cPanel Access Level:
    DataCenter Provider
    Anyone?

    Are any of you running RH9 and what did you select for ...

    Would you like to secure /tmp & /var/tmp at boot time?
     
  13. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    38
    Its really not all that hard to figure out ;P

    Its asking if you want to secure the partitions on start up. Basically, when you run the script manually, after a reboot it reverts back to normal ( as it was before ). So its basically asking you if you want the script to run at start up so you don't manually have to run it. It would probably just add the script execution commands to /etc/rc.local I believe.
     
  14. Solokron

    Solokron Well-Known Member

    Joined:
    Aug 8, 2003
    Messages:
    849
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Seattle
    cPanel Access Level:
    DataCenter Provider
    I understand exactly what it does. I am asking if anyone has successfully ran this under RH9 and with which config.

     
  15. Dreamer

    Dreamer Well-Known Member

    Joined:
    Jun 23, 2003
    Messages:
    129
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Bulgaria
    I am on rh9 and selected no. As for now no problems with what securetmp did. Everything seems to work fine. I did not choose YES, because If i see a problem I can easily reboot the system and get everything back and working.
     
  16. Solokron

    Solokron Well-Known Member

    Joined:
    Aug 8, 2003
    Messages:
    849
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Seattle
    cPanel Access Level:
    DataCenter Provider
    Thanks Dreamer.

     
  17. Solokron

    Solokron Well-Known Member

    Joined:
    Aug 8, 2003
    Messages:
    849
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Seattle
    cPanel Access Level:
    DataCenter Provider
    I have another server that is loading it from bootup and I would like to yank it from doing that. Anyone locate where it is loading from?
     
  18. Dreamer

    Dreamer Well-Known Member

    Joined:
    Jun 23, 2003
    Messages:
    129
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Bulgaria
    pico /etc/rc.d/rc.local

    You may find it there. IF so please paste what you've got there. Thanks :)
     
  19. Solokron

    Solokron Well-Known Member

    Joined:
    Aug 8, 2003
    Messages:
    849
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Seattle
    cPanel Access Level:
    DataCenter Provider
    #--Added by /scripts/securetmp--
    /scripts/securetmp --auto


     
  20. Dreamer

    Dreamer Well-Known Member

    Joined:
    Jun 23, 2003
    Messages:
    129
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Bulgaria
    Cute! thanks :)
     

Share This Page