It is highly recommended to mount /tmp and /dev/shm partitions in
noexec,nosuid mode in order to prevent files been executed under those
partitions. To mount /tmp and /dev/shm in noexec,nosuid more, edit the
/etc/fstab file and
search for the word
in front of the 2 partitions and replace them with
The entry should look like the following:
tmpfs /dev/shm tmpfs rw,noexec,nosuid 0 0
and same for /tmp partition as well.
Save the /etc/fstab file. You now need to remount the partitions for
the changes to take effect. Execute the following remount commands:
mount -o remount /tmp
mount -o remount /dev/shm
You can now check the mounted partitions using the command:
No comments:
Post a Comment