Posted by xeonfan, 12-06-2008, 08:44 PM | tmp ownership confusion
Had some php problems and some one helped me to get all fixed up, but now when i run CSF security check i get
Check /tmp ownership WARNING /tmp should be owned by root:root
the /tmp seems to be set to nobody:nobody
Is it a Security Risk. ?
Other options are set fine on /tmp
Check /tmp permissions OK
Check /tmp is mounted as a filesystem OK
Check /tmp is mounted noexec,nosuid OK
suggestions ?
Edit:running centos + cpanel and Apache 1.3.x
|
Posted by amalji, 12-06-2008, 09:25 PM | Quote:
Originally Posted by xeonfan
Had some php problems and some one helped me to get all fixed up, but now when i run CSF security check i get
Check /tmp ownership WARNING /tmp should be owned by root:root
the /tmp seems to be set to nobody:nobody
Is it a Security Risk. ?
Other options are set fine on /tmp
Check /tmp permissions OK
Check /tmp is mounted as a filesystem OK
Check /tmp is mounted noexec,nosuid OK
suggestions ?
Edit:running centos + cpanel and Apache 1.3.x
/tmp should be owned by root and should be having a permission of 1777
Execute the following commands to fix it.
Code:
chown root:root /tmp
chmod 1777 /tmp
|
Posted by @Matt, 12-06-2008, 09:31 PM | It would also be a good idea to have an audit on why it was changed.
__________________HostPenguin - Separate Yourself â A Christian Owned and Operated Hosting Provider!â Shared, Reseller, Virtual Private Server Hosting and Website Integrationshttp://www.HostPenguin.net - http://Integration.HostPenguin.net - Sales@HostPenguin.net
|
Posted by amalji, 12-06-2008, 09:34 PM | Quote:
Originally Posted by Matt - HostPenguin
It would also be a good idea to have an audit on why it was changed.
yep, that's right...
|
Posted by vapetrov, 12-06-2008, 09:36 PM | Yes, this is a problem.
Usually /tmp have permissions drwxrwxrwt (1777, with sticky bit on).
In this case file can remove file's owner only, if file owner belong to "other".
This is a problem if folder owner are nobody - nobody can remove any file in /tmp.
__________________
Private remote administrator of Linux servers - www.petrov.ks.ua
Quality hosting - Host-Web-Site.com
|
Posted by xeonfan, 12-07-2008, 08:00 AM | Thanks for the suggestion guys
I am having this set up properly.
|
Posted by @Matt, 12-07-2008, 04:15 PM | Glad to hear and the commands that were given earlier is all you really need. I would suggest that you run some rootkit hunters on your server to make sure nothing bad was installed.
__________________HostPenguin - Separate Yourself â A Christian Owned and Operated Hosting Provider!â Shared, Reseller, Virtual Private Server Hosting and Website Integrationshttp://www.HostPenguin.net - http://Integration.HostPenguin.net - Sales@HostPenguin.net
|
|
Add to Favourites
Print this Article |