nordi wrote:
| John Richard Moser wrote:
| > I don't see the need for 7 partitions, if you use journaling.
| The reason for using several partitions is not that they can be checked
| faster. This is done for increased security through special mount
| options and to prevent local DoS attacks. But read on.
|
| > For /tmp, use a tmpfs:
| [...]
| > I use a 2G tmpfs with a 2G swap and 768M physical ram.
| Which will make it easy to overload your machine if you don't use quotas
| + a specifically hardened kernel. A local attacker can fill up your 2GB

Ok, local attacker loses his account and gets fired. Still no chance of
lamers coming in from the web server.

| of /tmp, which means your RAM is full and 1.5GB of swap in use. This is
| going to be _really_ bad for your performance (=DoS). This is no concern
| for your dev-box at home, but for a webserver this can be a serious
| issue.
|
| > /usr and /usr/local I'd think could be the same; if you break the
| > system, you have to do a full reinstall anyway to rewrite the binaries
| > even though you could keep your configuration.
|
| I think the point behind putting /usr/local/ on a separate partition is
| that you can mount /usr as read only (maybe even mount it from a remote
| host if you have many boxes!). As most files are located there, yet they
| hardly ever need to be changed, this is a good idea. Stuff that is
| specific for this box can then be placed in /usr/local.

Ahh, neat.

| In addition to using several partitions, /etc, /var, /home and /tmp
| should be mounted with "nodev" and "nosuid" options. /usr/local should
| at least have the "nodev" option set.
|

Yeah, nice.

| nordi
|

Thanks for the clarification. I'm mostly into things like PaX and stack
smash protection, proper coding, and a little access control.
The whole nosuid-nodev thing I tend to overlook, as I'd expect SELinux or
RSBAC to be used for that, or for mknod() or chmod()+s to just be denied
to non-root users. I also use journaled filesystems (reiserfs), and think
that a filesystem should be seen as 'clean' if it came down when there was
nothing to be flushed to it and no files open.
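A quick way to verify the mount-option advice above on a running box, added here as an example and not part of the original thread: the script reads a /proc/mounts-style table (device, mountpoint, fstype, options, dump, pass) and reports every mountpoint from nordi's list that lacks the required option. The mount table below is constructed for the demonstration; for a live check feed it /proc/mounts instead.

```shell
#!/bin/sh
# Added example (not from the thread): audit a mount table for the
# "nodev"/"nosuid" options nordi recommends. Input is in /proc/mounts
# format: device mountpoint fstype options dump pass

# Constructed sample table: /home is missing "nodev" on purpose.
SAMPLE_MOUNTS='/dev/sda1 / ext3 rw 0 0
/dev/sda5 /usr ext3 ro 0 0
/dev/sda6 /usr/local ext3 rw,nodev 0 0
/dev/sda7 /var ext3 rw,nodev,nosuid 0 0
/dev/sda8 /home ext3 rw,nosuid 0 0
tmpfs /tmp tmpfs rw,nodev,nosuid,size=2g 0 0'

# Options required per mountpoint, exactly as stated in the thread.
# /etc only shows up here if it is actually its own mount.
required_opts() {
    case "$1" in
        /tmp|/var|/home|/etc) echo "nodev nosuid" ;;
        /usr/local)           echo "nodev" ;;
        *)                    echo "" ;;
    esac
}

# has_opt OPTS NAME: true if NAME is a whole entry in the comma list OPTS
# (so "nodev" does not match a hypothetical "nodevice").
has_opt() {
    case ",$1," in
        *,"$2",*) return 0 ;;
        *)        return 1 ;;
    esac
}

# audit_mounts reads a mount table on stdin, prints "mountpoint: missing
# OPTION" for each gap and returns non-zero if anything was missing.
audit_mounts() {
    missing=0
    while read -r dev mnt fstype opts rest; do
        [ -n "$mnt" ] || continue
        for want in $(required_opts "$mnt"); do
            if ! has_opt "$opts" "$want"; then
                echo "$mnt: missing $want"
                missing=$((missing + 1))
            fi
        done
    done
    [ "$missing" -eq 0 ]
}

# Live use would be:  audit_mounts < /proc/mounts
printf '%s\n' "$SAMPLE_MOUNTS" | audit_mounts || echo "hardening gaps found"
```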