By Nix Craft
I am using NFS server version 4.x on a CentOS/RHEL based system. I’m mounting my shared /var/www/ directory on five Apache based nodes using the following syntax:
mount -t nfs4 -o rw,intr,hard,proto=tcp rocknas02:/httproot/www /var/www/
I noticed that due to bug in my app user can sometime upload executable or other device files to get out of chrooted Apache server. How can I prevent such security issues on a CentOS or RHEL based NFS client and sever setup?
Read answer to: “Increase NFS Client Mount Point Security For a Web-Server noexec, nosuid, nodev Options“
Image may be NSFW.
Clik here to view.
Source: NixCraft Intermediate
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
The post Increase NFS Client Mount Point Security For a Web-Server noexec, nosuid, nodev Options appeared first on Linux Fai Da Te | Linux News | Linux Online Magazine.
