cd /dev
dd if=/dev/zero of=tmpmnt bs=1024 count=100000
/sbin/mke2fs /dev/tmpmnt
cp -R /tmp/ /tmp_backup
mount -o loop,rw,nosuid,noexec /dev/tmpmnt /tmp
chmod 0777 /tmp
cp -R /tmp_backup/* /tmp/
# 修改/etc/fstab 添加下面的条目使其在引导时仍然有效
/dev/tmpmnt /tmp ext2 loop,rw,nosuid,noexec 0 0
mv /var/tmp /var/tmpbak
ln -s /tmp /var/tmp
chattr +i /etc/passwd*
chattr +i /etc/shadow*
chattr +i /etc/rc.d/rc.local
chmod 700 /etc/rc.d/init.d/*
chmod 700 /usr/bin/gcc
chmod 700 /usr/bin/g++
chmod 700 /usr/bin/c++
chmod 700 /usr/bin/ld
chmod 700 /usr/bin/as
chmod 700 /usr/bin/perl
chmod 700 /bin/ping
chmod 700 /usr/bin/finger
chmod 700 /usr/bin/who
chmod 700 /usr/bin/w
chmod 700 /usr/bin/locate
chmod 700 /usr/bin/whereis
chmod 700 /sbin/ifconfig
chmod 700 /usr/bin/pico
chmod 700 /usr/bin/vi
chmod 700 /usr/bin/which
chmod 700 /usr/bin/gcc
chmod 700 /usr/bin/make
chmod 700 /bin/rpm
php.ini
disable_functions = "symlink,shell_exec,exec,proc_close,proc_open,popen,system,dl,passthru,escapeshellarg, escapeshellcmd"
