I am using NFS server version 4.x on a CentOS/RHEL based system. I'm mounting my shared /var/www/ directory on five Apache based nodes using the following syntax:
mount -t nfs4 -o rw,intr,hard,proto=tcp rocknas02:/httproot/www /var/www/
I noticed that due to bug in my app user can sometime upload executable or other device files to get out of chrooted Apache server. How can I prevent such security issues on a CentOS or RHEL based NFS client and sever setup?
The post Increase NFS Client Mount Point Security For a Web-Server noexec, nosuid, nodev Options appeared first on nixCraft.