I'm trying to secure the /tmp directory on a single partition CentOS 3.7 installation. The approach of creating a file-based filesystem device and using -o loop isn't feasible, since the VPS environment I'm using doesn't support the loop device.
So I'm trying to create a mount using --bind. I've discovered that mount options (noexec, nosuid, etc) are not recognizied when --bind is used, and that the solution to this problem is to perform a mount -o remount following the initial mount.
Unfortunately I'm getting permission denied on this, and I have no idea why.
# mount --bind -o noexec /tmp2 /root/tmp2
(silent success, but with noexec ignored as reported by /proc/mount)
# mount -o remount,noexec /root/tmp2
mount: permission denied
mount version is 2.11y
Any thoughts are most appreciated. Thanks.