am using NFS server version 4.x on a CentOS/RHEL based system. I’m mounting my shared /var/www/ directory on five Apache based nodes using the following syntax:
mount -t nfs4 -o rw,intr,hard,proto=tcp rocknas02:/httproot/www /var/www/
I noticed that due to bug in my app user can sometime upload executable or other device files to get out of chrooted Apache server. How can I prevent such security issues on a CentOS or RHEL based NFS client and sever setup? Sysadmin because even developers need heroes!!!
[click to continue…]
ow do I mount /tmp with nodev, nosuid, and noexec options to increase the security of my Linux based web server
? How can I add nodev, nosuid, and noexec options to /dev/shm under Linux operating systems? [click to continue…]
ow do I mount /tmp as a separate filesystem (/root/images/tmpfile.bin) with the noexec,nosuid, nodev options under Linux like operating systems? [click to continue…]