The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Securing /tmp directory --Does it work?

Discussion in 'General Discussion' started by bmcpanel, Feb 3, 2004.

  1. bmcpanel

    bmcpanel Well-Known Member

    Joined:
    Jun 1, 2002
    Messages:
    546
    Likes Received:
    0
    Trophy Points:
    16
    I found an interesting tweak at this web site (click to visit) on securing the /tmp directory. (since hackers often run scripts via /tmp to gain local or root access,the theory is that you can secure /tmp so it is non-executable and thus, somewhat safe from many root kits.

    I am wondering if anyone here has used this tweak.

    Is this tweak an effective deterent to hackers?

    Are there any considerations in regard to CPanel and how this tweak may affect it?

    Do you recommend this tweak?

    Thanks in advance.
     
  2. casey

    casey Well-Known Member

    Joined:
    Jan 17, 2003
    Messages:
    2,303
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    If there is trouble, it will find me
    You can just use /scripts/securetmp to achieve the same.
    It won't make you completely secure, though. It might help in the short run, but in the long run as more people begin to do this crackers will start dropping the files in different directories. Then it will be even harder to find out if and how your box was cracked...
    At least that's what I've read here and there.
     
  3. Stenny Chong

    Stenny Chong Well-Known Member

    Joined:
    Jun 12, 2002
    Messages:
    67
    Likes Received:
    0
    Trophy Points:
    6
    Try chmod 600 /usr/bin/gcc to avoid people compile his own program. If you have kgcc installed, chmod it with 500 too.

    chmod 500 `which gcc`
    chmod 500 `which kgcc`
    chmod 500 `which cc`
     
  4. justinp

    justinp Registered

    Joined:
    Nov 18, 2003
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    simple answer is yes.. mounting /tmp noexec will add a measure of security.
     
Loading...

Share This Page