Almost every security professional knows that /tmp is the first place an attacker will look to place malicious software and scripts for further gaining root access. However, there are several ways to protect the system's /tmp. This article shows a simple method for securing /tmp on Linux and Unix.
To apply this method, take the following measures to harden the /tmp directory:
A. Creating /tmp as a separate partition: By default, the /tmp directory has read, write, and execute permissions turned on. This is the main reason for the server's vulnerability. You can move it to a separate partition instead of leaving it in the root / partition. That way, even if an attacker manages to get access to the /tmp directory, he would not be able to get access to the system files.
B. Setting /tmp as non-executable: You can make /tmp noexec in /etc/fstab. Once done, the entry should look like this (/var/TMP is the image file created in the steps below): /var/TMP /tmp ext3 loop,noexec,nosuid,rw 0 0 . Read your distribution's documentation for the appropriate settings. It is recommended to back up your server before making any changes to fstab.
Step by step
1. Create a 512 MB file for /tmp
#dd if=/dev/zero of=/var/TMP bs=1024 count=524288
2. Format it as ext3
#mke2fs -j /var/TMP
3. Back up the original /tmp
#mv /tmp /tmp_backup
4. Create new /tmp folder
#mkdir /tmp
5. Mount the new file on /tmp
#mount -o loop,noexec,nosuid,rw /var/TMP /tmp
6. Set the permissions of /tmp
#chmod 1777 /tmp
7. Restore the original /tmp contents and delete the backup
#cp -a /tmp_backup/. /tmp/
#rm -rf /tmp_backup
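To verify the result of the steps above, the following check is an added example, not part of the original article. It assumes a Linux-style mount table at /proc/mounts; the function names and the sample table are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the /tmp hardening described in this article.
# Assumption: Linux-style mount table (/proc/mounts); names are illustrative.

# Print the options of the last mount entry for mount point $1 in table $2
# ("-" = stdin). The last entry wins because later mounts shadow earlier ones.
mount_opts() {
    awk -v mp="$1" '$2 == mp { o = $4 } END { if (o == "") exit 1; print o }' "$2"
}

# Succeed if the comma-separated option list $1 contains option $2.
has_opt() {
    case ",$1," in *",$2,"*) return 0 ;; esac
    return 1
}

# audit_tmp [TABLE]: 0 = separate mount with noexec and nosuid,
# 1 = /tmp is not its own mount, 2 = an option is missing.
audit_tmp() {
    opts=$(mount_opts /tmp "${1:-/proc/mounts}") || {
        echo "FAIL: /tmp is not a separate mount"; return 1; }
    rc=0
    for o in noexec nosuid; do
        if has_opt "$opts" "$o"; then echo "OK:   $o"
        else echo "FAIL: $o missing"; rc=2; fi
    done
    return "$rc"
}

# sticky_ok DIR: succeed only if DIR is mode 1777 (drwxrwxrwt).
sticky_ok() {
    case "$(ls -ld "$1" 2>/dev/null)" in drwxrwxrwt*) return 0 ;; esac
    return 1
}

# Constructed sample table (not from a real host): /tmp on a loop device.
sample_mounts() {
    cat <<'EOF'
/dev/sda1 / ext3 rw,relatime 0 0
/dev/loop0 /tmp ext3 rw,nosuid,noexec,relatime 0 0
EOF
}

sample_mounts | audit_tmp -   # prints OK for noexec and nosuid
```

On a live host, call audit_tmp with no argument to read /proc/mounts, and sticky_ok /tmp to confirm step 6.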