Re: Changing /tmp permission



billdangerous@xxxxxxxxx wrote:
> Hi everybody!
>
> First of all excuse me for my English it is quite bad.
>
> I'd like to secure my tmp directory. I know I could make a partition
> for this directory with noexec,nosuid,nodev, but I'd like to be more
> secure.

noexec,nosuid is certainly okay,
and nodev is perhaps ok (e.g. will break certain X-servers).

> I don't want that any users can access to my /tmp directory. So I'd
> like to have permissions like 770 instead of 777. I know that many
> applications need to write in /tmp directory, so I would like to
> create a group named tmp for example where I would add users that need
> to write in this directory. Instead of authorizing all users, I want
> to limit access to only a determined group of users. So I have to
> change group owner of /tmp to become tmp group instead of root group.

Don't!
Must be 1777

> There is still a problem with that and the sticky bit. How can I
> forbid access to deleting files that we don't own?

chmod +t

> Are there some behaviors or difficulties that I don't think about?

Yes, 95% of all applications including the shell use /tmp.


--
echo imhcea\.lophc.tcs.hmo |
sed 's2\(....\)\(.\{5\}\)2\2\122;s1\(.\)\(.\)1\2\11g;1s;\.;::;2'
.
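
An audit of the two settings discussed in this thread (mode 1777 on /tmp and the noexec,nosuid,nodev mount options), as an added example that is not part of the original posts. It assumes GNU stat and a mount table in /proc/mounts format; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes GNU stat and a mount table
# in /proc/mounts format; function names are made up for this sketch.

# Succeeds only if DIR has mode 1777: rwx for everyone plus the sticky
# bit, so users can create files but delete only the ones they own.
check_tmp_mode() {
    mode=$(stat -c '%a' "$1") || return 2
    [ "$mode" = "1777" ]
}

# Prints which of noexec, nosuid, nodev are absent for MOUNTPOINT.
# An optional second argument replaces /proc/mounts (used for testing).
# If MOUNTPOINT is not a separate mount, all three are reported.
missing_mount_opts() {
    opts=$(awk -v mp="$1" '$2 == mp { o = $4 } END { print o }' \
        "${2:-/proc/mounts}" 2>/dev/null)
    missing=""
    for want in noexec nosuid nodev; do
        case ",$opts," in
            *",$want,"*) ;;
            *) missing="$missing $want" ;;
        esac
    done
    echo "${missing# }"
}

# Reports both checks for one directory; returns 1 if either fails.
audit_tmp() {
    rc=0
    if check_tmp_mode "$1"; then
        echo "$1: mode 1777, ok"
    else
        echo "$1: mode is ${mode:-unknown}, expected 1777 (chmod 1777 $1)"
        rc=1
    fi
    gap=$(missing_mount_opts "$1")
    if [ -n "$gap" ]; then
        echo "$1: not mounted with: $gap"
        rc=1
    fi
    return $rc
}

audit_tmp "${1:-/tmp}" || echo "review the findings above"
```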


