additional security for /tmp , /dev/shm & /var/tmp ?

Would the following cause any problems with Interworx:

  • mounting /tmp as “noexec,nosuid,rw”

  • mounting /dev/shm as “noexec,nosuid”

  • removing /var/tmp and replacing it with a symbolic link to /tmp


I think the official answer here is “I’d test it first” :slight_smile:

It’s probably ok. But absolutely you should test it.

I did this on one server, and havent encountered any issues as a direct result of this.

My current server, without any control panel, worked perfectly fine with those mount options for over two years. I have it set now on my Interworx server and everything seems ok at this point, so far.

gareth25, thanks for letting us know about your experiences with doing this on your server.