Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Wed 17 Jul 2019, 23:16
All times are UTC - 4
 Forum index » House Training » HOWTO ( Solutions )
HowTo: secure /tmp files, for hard drive users
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [3 Posts]  
Author Message
klhrevolutionist


Joined: 08 Jun 2005
Posts: 1124

PostPosted: Wed 28 May 2008, 23:41    Post subject:  HowTo: secure /tmp files, for hard drive users  

I only modified this by changing the values for the count= to 500mb instead of what the original

One method is to create a loopback filesystem that will be mounted as /tmp
and can use the same restrictive mount options. To create a 500mb loopback
filesystem, execute:

dd if=/dev/zero of=/.tmpfs bs=1024 count=500000

mke2fs -j /.tmpfs

cp -av /tmp /tmp.old

mount -o loop,noexec,nosuid,nodev,rw /.tmpfs /tmp

chmod 1777 /tmp

mv -f /tmp.old/* /tmp/

rmdir /tmp.old

Once this is complete, edit /etc/fstab to have the loopback filesystem mounted
automatically at boot:

/.tmpfs /tmp ext3 loop,nosuid,noexec,nodev,rw 0 0
---
There is another method here:
http://www.tuxhelper.info/2008/06/secure-tmp-directory.html

Original Author:
http://blogs.techrepublic.com.com/opensource/?p=171

_________________
Heaven is on the way, until then let's get the truth out!

Last edited by klhrevolutionist on Fri 27 Jun 2008, 19:53; edited 2 times in total
Back to top
View user's profile Send private message 
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 13241
Location: Arizona USA

PostPosted: Thu 29 May 2008, 00:05    Post subject:  

Thanks, klh. It would be even better if you added an explanation of what you mean by "secure," and why it might be a good idea to secure /tmp. Smile
_________________
Puppy Help 101 - an interactive tutorial for Lupu 5.25
Back to top
View user's profile Send private message 
klhrevolutionist


Joined: 08 Jun 2005
Posts: 1124

PostPosted: Fri 30 May 2008, 22:55    Post subject:  

With the link I provided you can see why one might want to make such changes to /tmp I also forgot to mention that not only did i change the count= I also added "nodev" onto the mounting permissions.

Quote:

One problem with directories meant to store temporary files is that they can often be targeted as places to store bots and rootkits that compromise the system. This is because in most cases, anyone (or any process) can write to these directories. Insecure permissions are problematic as well; most Linux distributions set the sticky bit on directories meant to contain temporary files — this means that user A cannot remove a file belonging to user B, and vice versa. Depending on the permissions of the file itself, user A may be able to view and/or modify the contents of that file, however.


http://blogs.techrepublic.com.com/opensource/?p=171

_________________
Heaven is on the way, until then let's get the truth out!
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [3 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » House Training » HOWTO ( Solutions )
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0297s ][ Queries: 11 (0.0055s) ][ GZIP on ]