Technology Insights

Secure /tmp And /var/tmp Directories On CentOS Linux

A couple days ago a CentOS Linux server that I took over administration on had some mysterious files show up in the /tmp and /var/tmp directories. The files were placed in /tmp and /var/tmp by the apache user meaning there is some form of security hole in Apache, PHP, or one of the virtual hosts has an insecure application installed. Before looking into where the issue is I needed to lock things down so no applications could be executed from these directories in the future regardless of a security flaw in the future. Below are instructions on how to secure /tmp and /var/tmp.