On public servers, I now put /tmp and /var/tmp as separate partitions with noexec,nosuid on them. We may also put nodev on them but I am not sure if that broke things or not. Each is limited to 100->500 megs in size. We were looking at a script that did an hourly cleanup of files that were in it so that nothing stayed too long, but I think we dropped that in case we needed to keep an audit trail.
nosuid, good idea nodev? What does that do, positive/negative?
For certain kinds of attacks/machines a /tmp/kmem that is the /dev/kmem device and crw-rw-rw is very bad. Not allowing it to be used can fix that. I can't remember what the problem was though.
-- Stephen John Smoogen smoogen@xxxxxxxx Los Alamos National Lab CCN-5 Sched 5/40 PH: 4-0645 Ta-03 SM-1498 MailStop B255 DP 10S Los Alamos, NM 87545
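
An audit check for the mount options discussed in this message, as an added example that is not part of the original post: it reads a file in /proc/mounts format and reports which of noexec, nosuid and nodev are missing on /tmp and /var/tmp. The function names and the sample mount entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit mount options on temp directories.
# Input uses the /proc/mounts layout: device mountpoint fstype options dump pass

REQUIRED_OPTS="noexec nosuid nodev"

# missing_opts MOUNTS_FILE MOUNTPOINT
# Prints the required options absent from MOUNTPOINT's entry (space separated),
# or "not-a-separate-mount" if the path has no entry of its own.
missing_opts() {
    awk -v mp="$2" -v req="$REQUIRED_OPTS" '
        $2 == mp { opts = $4; found = 1 }   # last matching entry is the topmost mount
        END {
            if (!found) { print "not-a-separate-mount"; exit }
            n = split(opts, have, ",")
            for (i = 1; i <= n; i++) present[have[i]] = 1
            m = split(req, want, " ")
            out = ""
            for (i = 1; i <= m; i++)
                if (!(want[i] in present)) out = out (out == "" ? "" : " ") want[i]
            print out
        }' "$1"
}

# audit_tmp MOUNTS_FILE
# Prints one line per directory; returns 1 if either directory has a finding.
audit_tmp() {
    rc=0
    for dir in /tmp /var/tmp; do
        miss=$(missing_opts "$1" "$dir")
        if [ -n "$miss" ]; then
            echo "FAIL $dir: $miss"
            rc=1
        else
            echo "OK   $dir"
        fi
    done
    return $rc
}

# Constructed sample (not from a real host): /tmp lacks nodev, /var/tmp has all three.
sample_mounts() {
    cat <<'EOF'
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda5 /tmp ext4 rw,nosuid,noexec,relatime 0 0
/dev/sda6 /var/tmp ext4 rw,nosuid,nodev,noexec,relatime 0 0
EOF
}
# Usage on a live host: audit_tmp /proc/mounts
```
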