Markus Hardiyanto <[EMAIL PROTECTED]> writes:
> because i plan to use cpanel control panel and need to secure /tmp
> (mount it with noexec)
You might want to consider using a boring mount script for the VE that
puts a small, limited 'tmpfs' into /tmp on that system. That might
allow you to bypass the direct disk requirement -- and has the bonus
that whatever junk hosted sites dump into /tmp doesn't hang about
forever.
Also, I trust you are already aware that noexec doesn't actually prevent
storing and running any of the scripted exploits in /tmp:
/bin/sh /tmp/i-is-a-leet-haxer.sh
Regards,
Daniel
--
Digital Infrastructure Solutions -- making IT simple, stable and secure
Phone: 0401 155 707 email: [EMAIL PROTECTED]
http://digital-infrastructure.com.au/
_______________________________________________
Users mailing list
[email protected]
https://openvz.org/mailman/listinfo/users
