[Users] creating partition for VE and networking
Daniel Pittman
daniel at rimspace.net
Sat Apr 21 20:27:39 EDT 2007
Markus Hardiyanto <informatics2k1 at yahoo.com> writes:
> because i plan to use cpanel control panel and need to secure /tmp
> (mount it with noexec)
You might want to consider using a boring mount script for the VE that
puts a small, limited 'tmpfs' into /tmp on that system. That might
allow you to bypass the direct disk requirement -- and has the bonus
that whatever junk hosted sites dump into /tmp doesn't hang about
forever.
Also, I trust you are already aware that noexec doesn't actually prevent
storing and running any of the scripted exploits in /tmp:
/bin/sh /tmp/i-is-a-leet-haxer.sh
Regards,
Daniel
--
Digital Infrastructure Solutions -- making IT simple, stable and secure
Phone: 0401 155 707 email: contact at digital-infrastructure.com.au
http://digital-infrastructure.com.au/
More information about the Users
mailing list