Is securing /tmp Worthless?

[LawsHosting]

Ok, I've read on here and via Google about noexec flag on /tmp... but can anyone tell me whats the point? As can still execute (sh & perl) in /tmp on all my servers (Debian Etch 4)..

Heres my steps :

dd if=/dev/zero of=tmpMnt bs=1024 count=250000
/sbin/mke2fs /tmpMnt
cd /
cp -R /tmp /tmp_backup
mount -o loop,noexec,nosuid,rw /tmpMnt /tmp
chmod 1777 /tmp
cp -R /tmp_backup/* /tmp/
rm -rf /tmp_backup

/dev/sda1 / ext3 errors=remount-ro,usrquota,grpquota 0 0
/dev/sda2 swap swap defaults 0 0
proc /proc proc defaults 0 0
sysfs /sys sysfs defaults 0 0
/tmpMnt /tmp ext2 loop,noexec,nosuid,rw 0 0

So, whats the point?

 

[floyd]

So, whats the point?

It keeps this from running ./script.sh or ./script.pl or a compiled program ./script

But yes you are right and what I have been saying every time this subject comes up and the script kiddies know it too and that's why they don't even try to run ./script.pl anymore in /tmp, at least I don't see it. I always see perl or sh in front of the script name.

Securing /tmp is only one very minor step in security.

 

[LawsHosting]

I do have mod_security2 & mod_evasive enabled, and currently, they are effective (in some way).... Ofc nothing is fool-proof