Tuesday, October 30, 2012

Securing /tmp And /var/tmp On DirectAdmin With SecureTmp

This presumes you are using a fresh server with no valuable contents in /tmp or /var/tmp. This still applies even if you do, just make a backup of the directory contents so it can be restored after.

This will give you ~2.1GB of /tmp and /var/tmp
dd if=/dev/zero of=/var/varTmp bs=1024 count=2048000
dd if=/dev/zero of=/var/Tmp bs=1024 count=2048000
/sbin/mkfs -t ext3 /var/varTmp
/sbin/mkfs -t ext3 /var/Tmp
mount -o loop,noexec,nosuid,rw /var/Tmp /tmp
mount -o loop,noexec,nosuid,rw /var/varTmp /var/tmp
chmod 0777 /tmp
chmod +t /tmp
chmod 0777 /var/tmp
chmod +t /var/tmp

Add to /etc/fstab:
/var/Tmp        /tmp            ext3    loop,noexec,nosuid,rw   0       0
/var/varTmp     /var/tmp        ext3    loop,noexec,nosuid,rw   0       0

You may want to reboot =)