Avoiding /tmp directory exploits (2006-4-27)
On a Linux webserver, it's a good idea to recrate the /tmp directory on its own partition with noexec and nosuid. This will ensure that a malicious user can't stuff a rootkit into /tmp through your web server (usually via PHP) and get control of your machine. Dynamic Net has published a great document for [...]
