LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   /TMP Security question (https://www.linuxquestions.org/questions/linux-security-4/tmp-security-question-176153/)

InfluxDan 04-29-2004 09:16 PM
/TMP Security question
 
Hello,

I am Using Redhat 8.0 on my server. Is there a way to prevent a DDos attack from comming in or being initiated from the /tmp folder. I have this folder Chmodded and locked down. Any way that someone can give me some advice on this?

Thanks in advance.

InfluxDan

iainr 04-30-2004 02:57 AM
I assume you mean preventing a normal user from filling up /tmp
, or from copying files into tmp that could then do something nasty. For the first risk, I'm not aware of any easy solution, but there are a few things you can do. For the second, as long as the sticky bit is set and umasks are set correctly, /tmp should be OK.

Things you can try :
- Have /tmp as a separate filesystem and set the nosuid and nodev flags.
- Have users use a different tmp directory by default (TMPDIR=~/tmp, for example).
- Have your key applications use their own tmp directory so /tmp filling up doesn't cause them a problem.
- Place a limit on the max. file size a user can create (ulimit) - nothing stopping a user creating lots of small files though.
- Set up alerting so you get an email/page/... if /tmp goes over (for example) 80% full.


All times are GMT -5. The time now is 02:13 PM.