Thread: Non-Cpanel/WHM Secure tmp

Step 1: Securing /tmp
Step 1.1: Backup your fstab file

cp /etc/fstab /etc/fstab.bak

Step 1.2: Creating tmpmnt partition file (Around 1Gb in size)

cd /var
dd if=/dev/zero of=tmpMnt bs=1024 count=1048576

Step 1.3: Format the new partition

mkfs.ext3 -j /var/tmpMnt

Press Y when asked
Step 1.4: Making backup of old /tmp

cp -Rp /tmp /tmp_backup

Step 1.5: Mount the tmp filesystem

mount -o loop,noexec,nosuid,rw /var/tmpMnt /tmp

Step 1.6: Set the right permissions

chmod 0777 /tmp

Step 1.7: Copy the files back to new tmp folder

cp -Rp /tmp_backup/* /tmp/

Step 1.8: Adding new /tmp filesystem to fstab

echo "/var/tmpMnt /tmp ext3 loop,rw,noexec,nosuid,nodev 0 0" >> /etc/fstab

Step 2: No need for 2 tmp filesystems, so we symlink /var/tmp to /tmp

rm -rf /var/tmp/
ln -s /tmp/ /var/tmp

Easier way....

cd /

service cpanel stop
service exim stop
service mysql stop
service httpd stop

cp -Rp /tmp /tmp_backup

rm tmp -r -f

mkdir tmp

nano -w /etc/fstab
add to fstab:
tmpfs /tmp tmpfs size=4096M,defaults,noexec,nosuid 0 0

mount /tmp

chmod 0777 /tmp

cp -Rp /tmp_backup/* /tmp/

rm /tmp_backup -R -f

rm -rf /var/tmp/
ln -s /tmp/ /var/tmp

service cpanel start
service exim start
service mysql start
service httpd start