cancel
Showing results for 
Search instead for 
Did you mean: 

/tmp change permission

Diyana
Occasional Contributor

/tmp change permission

I gave permission 777 to directory /tmp but unexpectedly the permission change. How to investigate this?
9 REPLIES
g3jza
Esteemed Contributor

Re: /tmp change permission

Hi,

/tmp should be recreated each time the server reboots, as it should be 'temporary' , maybe that's the reason why it was changed....
Diyana
Occasional Contributor

Re: /tmp change permission

the permission of /tmp was change without server rebooted...
Dennis Handly
Acclaimed Contributor

Re: /tmp change permission

What was the permissions changed to?
For security, it should be 777 plus the sticky bit: 1777
Diyana
Occasional Contributor

Re: /tmp change permission

/tmp was changed from 777 to 755..our batch job was failed due to this permission change..
Dennis Handly
Acclaimed Contributor

Re: /tmp change permission

>/tmp was changed from 777 to 755.

Hmm, this isn't a reasonable security change from a tool like Bastille.
Who is the owner of /tmp/? I.e. can only root change the permissions?
If so, you need to track down some root crontab script that may be doing that.
Dennis Handly
Acclaimed Contributor

Re: /tmp change permission

If you can't find the root crontab that's changing the permissions, you may have to turn on auditing for chmod, until you find it.
Bill Hassell
Honored Contributor

Re: /tmp change permission

The permissions for /tmp can only be changed by the root user -- unless root has changed the permission of / to alllow other users to destroy your system. The top level directories should not be changed. You need to locate either the root user that is making these changes or look for some program or script that is causing this error. There may be a misguided reason to changing a directory from 777 to 755 -- 777 means that any user can add or delete files or directories, not often a desirable feature. But for /tmp (and /var/tmp), it is mandatory. The only valid change would be to prevent users from removing or renaming files or directories that they do not own. In this case, 1777 permission is a valid solution. But as you have seen, 755 is incorrect for /tmp and /var/tmp and will break a lot of programs.



Bill Hassell, sysadmin
Steven E. Protter
Exalted Contributor

Re: /tmp change permission

/tmp file system is designed to be open. Many applications, oracle for example, need /tmp to be open in order to function correctly.

This is one of those things you probably don't want to play around with. Great way to break programs.
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Hakki Aydin Ucar
Honored Contributor

Re: /tmp change permission

if any advise does not work recommended here, may be you can try to use HP HIDS (Host Intruder Detection System) to catch who did what to the files OR dircetories. it is my favorite software from HP. I believe it is free of charge.