On Wed, September 27, 2006 8:45 am, Jeff Waugh wrote: > Mount it as a separate partition with 'noexec'.
On Wed, September 27, 2006 8:43 am, Alan Harper wrote: >> how can I protect/prevent attempt at executing stuff in /tmp ? > Put it on a seperate partition (or even use tmpfs), and mount it with > the noexec option (may as well use nodev and nosuid as well to be on the > safe side) Alan, Jeff, thanks a 'noexec /tmp', is it a [d] ? a: a good idea b: a must have c: what are you waiting for ? d: all of above would a noexec /tmp prevent most of the web application vulnerabilities exploits ? I think I have enough RAM ?, how much should I give to temp ? or, should I add another IDE HD, and put /tmp there ? ------------------ # free total used free shared buffers cached Mem: 1023120 955448 67672 0 152828 580616 -/+ buffers/cache: 222004 801116 Swap: 522104 95212 426892 -------------------- -- Voytek -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html