[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[suse-security] best way to secure /dev/shm?
The last suse systems attacks I had to 'clean-up' were
all based on php scripts copying and starting some stuff
To improve the security a little bit, I'd like to have this
pseudo filesystem 'noexec,nosuid' (like /tmp), but under
suse linux it's not in the /etc/fstab
(cf. http://www.eth0.us/?q=tmp for some other ideas).
Is the only way to achieve that editing directely
/etc/init.d/boot.shm ? It seem to be the case: in
/etc/sysconfig/kernel you can only set the size, but
not the other options... (suse 9.2 in this case)
Or how would you do it? Btw, is that /dev/shm *really*
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here