OpenVZ Forum


Home » Mailing lists » Users » creating partition for VE and networking
Re: creating partition for VE and networking [message #12232 is a reply to message #12229] Sun, 22 April 2007 00:27 Go to previous messageGo to previous message
Daniel Pittman is currently offline  Daniel Pittman
Messages: 26
Registered: January 2007
Junior Member
Markus Hardiyanto <informatics2k1@yahoo.com> writes:

> because i plan to use cpanel control panel and need to secure /tmp
> (mount it with noexec)

You might want to consider using a boring mount script for the VE that
puts a small, limited 'tmpfs' into /tmp on that system. That might
allow you to bypass the direct disk requirement -- and has the bonus
that whatever junk hosted sites dump into /tmp doesn't hang about
forever.

Also, I trust you are already aware that noexec doesn't actually prevent
storing and running any of the scripted exploits in /tmp:

/bin/sh /tmp/i-is-a-leet-haxer.sh

Regards,
Daniel
--
Digital Infrastructure Solutions -- making IT simple, stable and secure
Phone: 0401 155 707 email: contact@digital-infrastructure.com.au
http://digital-infrastructure.com.au/

Report message to a moderator

[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Using NAT for VE with private IPs
Next Topic: adding secondary IP
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Sat Aug 09 04:43:24 GMT 2025

Total time taken to generate the page: 0.32002 seconds
Powered by FUDforum Powered by Virtuozzo Containers