All posts for the month August, 2009

Catch the Spam Tagged emails in spamassassin

Published August 31, 2009 by Siva

Catching spam mails into other mail accounts

In below example i have catched the all spam tagged emails for the domain into

OPen the procmailc file in /etc

# nano /etc/procmailrc

# Catch the Spam Tagged Mail
* ^X-Spam-Flag: YES

addd the above entry in last ..

Thats it ….

Securing Your /tmp Partition to prevent from hackers

Published August 8, 2009 by Siva

Securing your /tmp directory could save you from an un-updated PHP script, where someone attempts to write an executable program with malicous code too.


that being said, lets get to it:

cd /dev

Create 500MB file for our /tmp partition. If you need more space, make count size larger.

dd if=/dev/zero of=tmpMnt bs=1024 count=500000

Make an extended filesystem for our tmpMnt file

/sbin/mke2fs /dev/tmpMnt

Backup your /tmp dir- I had mysql.sock file that I needed to recreate the symbolic link for. Other programs may use it to store cache files or whatever.

cd /
cp -pR /tmp /tmp_backup

Mount the new /tmp filesystem with noexec

mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp
chmod 0777 /tmp

Copy everything back to new /tmp and remove backup

cp -pR /tmp_backup/* /tmp/

Now we need to add this to fstab so it mounts automatically on reboots.

pico -w /etc/fstab

You should see something like this:

/dev/hda3               /                       ext3    defaults,usrquota        1 1
/dev/hda1               /boot                   ext3    defaults        1 2
none                    /dev/pts                devpts  gid=5,mode=620  0 0
none                    /proc                   proc    defaults        0 0
none                    /dev/shm                tmpfs   defaults        0 0
/dev/hda2               swap                    swap    defaults        0 0

At the bottom add:

/dev/tmpMnt             /tmp                    ext2    loop,noexec,nosuid,rw  0 0

(Each space is a tab)
Save it!

Ctrl + X and Y

Your done- /tmp is now mounted as noexec. You can sleep a little bit safer tonight. I created a hello world c++ and compiled it then moved it to /tmp. Upon trying to run it (even chmod +x’ed), it gives the following error:

bash: ./a.out: Permission denied

good luck! if it is causing problems with any of your software, you could remove the entry from fstab, reboot and then delete /tmp and recreate it to bring it back to normal.