As we mentioned in a previous post, setting up extra partitions beyond the standard Linux partitions can have certain security and performance benefits. One of the major directories that you should consider partitioning is the /tmp directory. In Linux, temporary files are stored there and accessed when applications need to use them.
Unfortunately, /tmp is also a prime spot for hackers to plant their malicious executables and use your server as the jumping-off point for spam, bot attacks, and other malicious objectives. Follow these steps to separate /tmp from your root partition and make it non-executable.
For example, to make the partition 512MB:
# mkdir /filesystems
# dd if=/dev/zero of=/filesystems/tmp_fs count=512 bs=1M
# mkfs.ext3 /filesystems/tmp_fs
Add the following line to /etc/fstab:
/filesystems/tmp_fs /tmp ext3 noexec,nosuid,loop 1 1
Then, mount the partition:
# mount /tmp
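To confirm the result after mounting, the script below is an added example (not part of the original post) that audits a mount table for the noexec and nosuid options from the fstab line. The function names and the sample mount lines are constructed for illustration; the mode check goes beyond the steps above and rests on the fact that a newly created filesystem's root directory is not world-writable with the sticky bit, which /tmp needs.

```shell
#!/bin/sh
# Added example: audit that a mount point carries the options set in fstab.
REQUIRED_OPTS="noexec nosuid"   # the two hardening options from the fstab line

# Reads a mount table in /proc/mounts format on stdin.
# Prints the required options missing from MOUNTPOINT, or "unmounted".
# Returns 0 only when the mount exists and nothing is missing.
missing_opts() {
    mountpoint=$1
    # Keep the last matching entry: a later mount shadows earlier ones.
    opts=$(awk -v mp="$mountpoint" '$2 == mp { o = $4 } END { print o }')
    if [ -z "$opts" ]; then
        echo "unmounted"
        return 2
    fi
    missing=""
    for want in $REQUIRED_OPTS; do
        case ",$opts," in
            *",$want,"*) ;;                      # whole-word match only
            *) missing="${missing:+$missing }$want" ;;
        esac
    done
    echo "$missing"
    [ -z "$missing" ]
}

# A fresh filesystem's root directory is not mode 1777; /tmp needs it.
mode_is_1777() {
    [ "$(ls -ld "$1" | cut -c1-10)" = "drwxrwxrwt" ]
}

# Constructed sample in /proc/mounts format (not captured from a real host).
sample_mounts() {
    cat <<'EOF'
/dev/sda1 / ext3 rw,relatime 0 0
/dev/loop0 /tmp ext3 rw,nosuid,noexec,relatime 0 0
/dev/sda3 /var/tmp ext3 rw,nosuid,relatime 0 0
EOF
}

for mp in /tmp /var/tmp /dev/shm; do
    if result=$(sample_mounts | missing_opts "$mp"); then
        echo "$mp: OK"
    else
        echo "$mp: FAIL ($result)"
    fi
done
```

On a live host, feed the real table instead of the sample: `missing_opts /tmp < /proc/mounts && mode_is_1777 /tmp`.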