|
Newbie question - /tmp /var/tmp
Hi
I am using rhat 8 and was wondering why it is necessarry to have world writable and executable permissions anywhere. - on my distro I have found /tmp and /var/tmp that fit this description. Is it safe (will things start to break? :D ) or advised for these to be non executable? Thanks :newbie: |
If you've split up these 2 trees into 2 partitions like it's suggested from a security point of view you can change the mount flags to defaults,rw,nodev,noexec,nosuid ... this prevents a couple of attack methods! So as example for /etc/fstab:
Code:
... |
Thanks will do.
Basically I am experimenting @ the moment - trying to setup so some users can't create then execute files. Good to know that in most cases u don't really need exec permission on /tmp. Probably better on a new thread but is there any recommended reading material for locking down a workstation from a logged in users viewpoint? Choice of shell? Mounting option for home directories. Disabling remote access. That sort of thing. I am pretty new to this but getting a hang of the basic stuff. Thanks |
There is a lot of information regarding that around. There are excellent ones for example for Debian GNU/Linux ... I admit I like the Securing Debian Manual.
For RedHat there is a guide at www.openna.com ... the current version can be orderd ... I would suggest something like that. It covers a lot of different aspects. Just use your favourite search engine - mine is google and look for something like locking down linux box |
| All times are GMT -5. The time now is 02:48 AM. |