How to secure shm partitions

by Manoj 2012-04-21 12:20:59

How to secure /tmp and /dev/shm partitions?

It is highly recommended to mount /tmp and /dev/shm partitions in noexec,nosuid mode in order to prevent files been executed under those partitions. To mount /tmp and /dev/shm in noexec,nosuid more, edit the /etc/fstab file and

search for the word

“defaults”

in front of the 2 partitions and replace them with

rw,noexec,nosuid

The entry should look like the following:

tmpfs /dev/shm tmpfs rw,noexec,nosuid 0 0

and same for /tmp partition as well.

Save the /etc/fstab file. You now need to remount the partitions for the changes to take effect. Execute the following remount commands:

root@host [~]#mount -o remount /tmp
root@host [~]#mount -o remount /dev/shm

You can now check the mounted partitions using the command:

root@host [~]#mount

Tagged in:

870
like
0
dislike
0
mail
flag

You must LOGIN to add comments