Hi, we have some security problems with our server /tmp directory, where some websites write temporary files. Some hackers manage to upload malicious scripts into that folder, thus executing them (most of the times they are perl based mailer scripts). Do you think we can restrict permissions on the /tmp folder which now is drwxrwxrwt? Thank you for your help.
The common solution to avoid this problem is to have a separate partition for /tmp and then mount this partition with noexec permission. Additionally you should make sure that you enable suexec in all websites to ensure that all cgi processes for every website have their own users.