[LUNI] Securing /tmp

[Walter E]

Wait for it,

SELinux.

At least I think it should be able to, but I really haven't fooled
around with it more than I absolutely have had to. I'm not saying that
it would be easy either.
On Sat, 2007-07-14 at 09:49 -0500, Branko Kotur wrote: 
> I've already set my /tmp as noexec, but everything I've seen regarding this 
> topic only mentions using noexec.  I haven't been able to find anything that 
> would allow me to prevent perl/shell scripts from running inside /tmp.  Does 
> anyone know if this is possible, and if so, how?
> 
> This is for shared web hosting servers.  While I can't control what my 
> customers do nor force them to upgrade their PHP scripts every day, I'd like 
> to at least minimize the results of their lack of understanding/caring about 
> the risks of not upgrading.