Secure Shared MemoryUse with caution
Some applications do not work in read-only mode. Please tests carefully.
Shared memory can be used in an attack against a running service, apache2 or httpd for example. To make it more secure, modify /etc/fstab using this command:
sudo vi /etc/fstab
add the following line for Ubuntu 12.04:
tmpfs /dev/shm tmpfs defaults,noexec,nosuid 0 0
add the following line for Ubuntu 12.10 or later:
#secure shared memory tmpfs /run/shm tmpfs defaults,noexec,nosuid 0 0
You will need to reboot for this setting to take effect.
If you want to make the changes without rebooting, you can run:
sudo mount -a
This command will allow you to find which files and folders can be secured:
sudo find / -perm -2 ! -type l -ls