No executables in /tmp

Jeff Schroeder jeff at zingstudios.net
Sat Mar 25 14:20:48 MST 2006


Hey all--

I'm in the process of securing a web server, and I wonder if there's a 
way to prevent executables from being installed and run in the /tmp 
directory.

I'm mounting /tmp with "-o noexec" so it's not possible to execute a 
script or program directly.  In other words, this file:

#!/usr/bin/perl
print "This is my program.";

... won't run even if it's chmod 755.  However, it's still possible to 
do this:

perl /tmp/myscript.pl

... and it'll run happily.  Can I prevent the system from allowing this?  
I suspect not, but figured I'd ask...

TIA,
Jeff
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: not available
Url : http://plug.org/pipermail/plug/attachments/20060325/1e376c15/attachment.bin 


More information about the PLUG mailing list