On 05/03/2015 05:45 PM, John Andersen wrote:
Additionally, opensuse decided to never purge ANY temp files, and save ridiculous amounts BTRFS snapsots, and put /tmp and /var/tmp on BTRFS as sub-volumes putting the whole installation at risk of a full /tmp, on an experimental file system.
No argument there! But then again, even before BtrFS there was the whole issue of whether /tmp though be a real file system or a tmpFS aka memory mapped. There have been security flaws over the years that make it advisable to have a /tmp or at least a download area that is mounted non executable. I'm aware of read-only snapshots (useful for backups) but I'm not clear on whether a subvolume can be mounted non-executable[1]. I'm really not happy with the idea that the BtrFS will/should/might take over the whole file tree. But that's another matter. We can also argue over such thins as :should /usr/tmp be symlinked to /tmp?" /usr/tmp -> /var/tmp Of course /var should be writable :-) /usr need not. Hence that symlink. [1] As SUN showed with its networked worked stations back in the 1980s and onwards, where you could log in 'anywhere', its not a good idea to have much of the file tree writeable, never mind executable. Much of the file tree is owned and only writeable by root and the shared environment things like /usr/share really really are shared. There is no reason /etc shouldn't be as well. Limiting where executables can reside and their permission eliminates many of the security problems inherent with Windwos. Of course a user can always 'run as root' whcih gets back to the problem we always had with Windows, but in a shared/service setting that's less likely. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org