/tmp permissions

Russell Meek rmeek at russellmeek.net
Mon Aug 7 18:28:52 UTC 2006

Quoting dick hoogendijk <dick at nagual.nl>:

> Today I read that /tmp always is "noexec".
> That should probably be on linux, because on my fbsd-6.1 box it's "rw"
> and that's it.
> Question: should I change /tmp to "rw,noexec" to be safer?
> --
> dick -- http://nagual.nl/ -- PGP/GnuPG key: F86289CE
> ++ Running FreeBSD 6.1 +++ The Power to Serve
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"


Yes, noexec is a good this security wise.  You could also add nosuid  
depending upon what you may need /tmp for.

Most "kiddie scripts" will attempt to run items out of /tmp, by adding  
noexec you prevent items from executing out of the applied directory.


- Russell

More information about the freebsd-questions mailing list