14 May
2005
14 May
'05
00:09
Hello, The last suse systems attacks I had to 'clean-up' were all based on php scripts copying and starting some stuff in /dev/shm. To improve the security a little bit, I'd like to have this pseudo filesystem 'noexec,nosuid' (like /tmp), but under suse linux it's not in the /etc/fstab (cf. http://www.eth0.us/?q=tmp for some other ideas). Is the only way to achieve that editing directely /etc/init.d/boot.shm ? It seem to be the case: in /etc/sysconfig/kernel you can only set the size, but not the other options... (suse 9.2 in this case) Or how would you do it? Btw, is that /dev/shm *really* necessary? :) regards, Olivier