  • Misconfiguration Name
  • nodev mount option is not enabled for /tmp
  • Description
  • Mounting is the attaching of an additional block device to the currently accessible filesystem of a computer. The /tmp directory is a world-writable directory used for temporary storage by all users and some applications. This directory is not meant for mounting block devices. Since the /tmp directory is world-writable, devices that are mounted on this directory can be accessed by all users. Therefore, it is advisable to enable the nodev mount option for the /tmp directory in /etc/fstab to prevent block devices from mounting on /tmp.
  • Severity
  • important
  • Category
  • Linux - Mounting Options Security
  • Resolution
  • Follow the steps below to resolve the misconfiguration. Edit the /etc/fstab file and add nodev to the fourth field (mounting options) for the /tmp partition. Then run the following command to remount /tmp: mount -o remount,nodev /tmp
  • Potential issues that may arise after applying the resolution
  • Altering the existing security setting may create the following impact in your network operations.
  • Does remediation require reboot?
  • No
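
An added example (not part of the original catalog entry) that audits the setting named in the Resolution: it reads fstab-format lines and reports whether the /tmp entry carries nodev in its fourth field. The function name check_tmp_nodev and the sample line are constructed for illustration; /proc/self/mounts uses the same field layout, so the same check also covers the live mount after the remount.

```shell
#!/bin/sh
# Added example: audit the nodev option for /tmp in fstab-format input.

# check_tmp_nodev [FILE]
# Reads FILE (or standard input when no FILE is given) and prints one of:
#   compliant      - the /tmp entry lists nodev in field 4
#   missing-nodev  - a /tmp entry exists but nodev is absent
#   no-entry       - there is no separate /tmp entry at all
check_tmp_nodev() {
    awk '
        $1 ~ /^#/ || NF < 4 { next }      # skip comments and malformed lines
        $2 == "/tmp" {                    # exact match, so /var/tmp is ignored
            found = 1
            ok = 0                        # the last /tmp entry decides
            n = split($4, opts, ",")      # field 4 is a comma-separated list
            for (i = 1; i <= n; i++)
                if (opts[i] == "nodev") ok = 1
        }
        END {
            if (!found)  print "no-entry"
            else if (ok) print "compliant"
            else         print "missing-nodev"
        }
    ' "$@"
}

# Constructed sample line: a /tmp entry that lacks nodev.
printf '%s\n' 'tmpfs /tmp tmpfs defaults,nosuid,noexec 0 0' | check_tmp_nodev   # missing-nodev

# On a host, check both the persistent and the live configuration:
#   check_tmp_nodev /etc/fstab
#   check_tmp_nodev /proc/self/mounts
```

A result of no-entry means /tmp is not a separate mount in that file, so there is no fourth field to edit until a /tmp entry exists.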