|
IMPORTANT
NOTE: This document is based on FreeBSD. The concepts should be similar across operating
systems, but the commands will very likely be different.
Also, never assume the directory structures exist in your system
as written in the document. Never blindly follow security
instructions -- read, review, compare, apply as it fits your
system.
|
Log onto the server as root: Is the /tmp directory in its own
partition?
- Edit /etc/fstab
Do you see a /tmp partition? If YES, then
move to step B; otherwise move to step C.
- Modify /etc/fstab
to change the definition for /tmp
Change what is present for /tmp to rw,nosuid,nodev
Skip to step D
- Modify /etc/fstab to
create a new /tmp partition and have it point to your current /tmp
directory
The typical format is "Device Mountpoint FStype
Options Dump Pass#"
So you might have something like
/hard_drive_device_name /tmp ufs rw,nosuid,nodev 2 2
- Link /var/tmp to
/tmp
cd /var && mv ./tmp/* /tmp/ && rm -rf tmp && ln -s /tmp
tmp
NOTES:
The /etc/fstab entry means it will be mounted
automatically on boot up.
nosuid, noexec are to help protect against hackers
putting root kits in /tmp and building / executing them |
IMPORTANT
NOTE: This document and all
linked document is being provided as a good will gesture to the
Parallels H-Sphere community and to others who may benefit from its use.
Dynamic Net, Inc. makes no representations implied or explicit
as to their value or warranty. Dynamic Net, Inc. will not be
held liable for any damage resulting in the application of the
steps and procedures noted. If you feel uncomfortable at
all about doing any of the steps, make a complete system backup
and hire a third party like
We Manage Servers
to do the work for you.
|
|
