[CentOS] Tmp directory and sticky

nate centos at linuxpowered.net
Mon Sep 15 20:55:18 UTC 2008


Bob Hoffman wrote:

> So
> /dev/VolGroup00/LogVol00 /tmp ext3 loop,noexec,nosuid,rw 0 0
>
> Is useless to do? What about chmod so that no one can execute anything,
> rw-rw-rw- ? Then no executes via chmod.

hmm, well it seems it works now, for the longest time you could
just run /lib/ld-linux.so.2  for dynamic executables, but I just
tested it on centos 4.6 and 5.1 and it seems it does block it.

> If so, what a waste of time working on this...lol

Maybe not so much, sorry bout that :) but as another poster
mentioned if your really paranoid about security SELinux is probably
the best way to go.

nate



More information about the CentOS mailing list