On Thu, 6 Jul 2000, Nikolai Dahlem wrote:

At 13:57 06.07.00 +0200, you wrote:

...

Partitioning is either a question for a beginner mailing list - or- if it IS a security related question, the information given in the mail is everything else but enough to answer.

Sorry if I provided too little information. I thought about partitions as a manner of security, like separate partition for log-files, separate partition for web-server document root and mail-spool, etc. I just wanted to collect some ideas to ensure that i don't overlook something when I set up the partitions.

Nikolai

There _are_ security-related issues regarding disk partitioning, so you're not off base to ask the question to this list, IMO. Basically, you have to consider how your server can be exposed to possible Denial of Service attacks by having user- or outsider-writable sections on the filesystem together with critical parts of the OS or logs. One precaution would have a seperate partition for /var, seperating the email and printing spool files from the root partition. You should probably also have a seperate /tmp partition, since it's world-writable. It might even make sense to have a seperate /var/log partition so that system logs aren't compromised by a possible email DoS (even better: log to a remote system). If you're running anything where size can vary wildly (like Usenet news) it's a good idea to put it on a seperate partition. If you've got user accounts on the machine it's probably a good idea to put them in a seperate partition so they don't accidentally (or on purpose) fill up a crucial partition. If you have any world-writable anonymous FTP areas (bad idea but perhaps unavoidable) you'd want them in a partition where you couldn't be DoSed by somebody dumping a bunch of warez on you. My basic partition scheme is generally a variation of this: / /var /tmp /home plus usually a /usr partition since that's where most of the software lives (so I usually end up adding disks to this partition), plus partitions for special software, such as Oracle or Usenet news, plus sometimes /usr/local if I have a lot of local stuff such as a big httpd root. Hope this helps, John Ritchie

Sorry if I provided too little information. I thought about partitions as a manner of security, like separate partition for log-files, separate partition for web-server document root and mail-spool, etc. I just wanted to collect some ideas to ensure that i don't overlook something when I set up the partitions.

Nikolai

Another hint, following the other postings: Change the mount options for your partitions to the bare minimum needed. /usr doesn't contain devices, but if it does anyway, nodev inhibits the interpretation of a device file. / doesn't need to be writeable for users if you have a seperate /var filesystem (you needn't have a directory writeable for users). Make sure that you remove /tmp and create a link /tmp -> var/tmp. (It would be advisory to create /var/tmp on the root filesystem as well!) On some machines, where I can't symlink /tmp, I have / mounted nosuid. This requires that the path contains /usr/bin before /bin, and that all needed suid binaries from /bin have an equivalent in /usr (copied, not moved!). This is how it can look like: /dev/sda2 on / type ext2 (rw,nosuid) /dev/sda3 on /var type ext2 (rw,nosuid,nodev,usrquota) /dev/sdb1 on /usr type ext2 (rw,nodev) /dev/sdc1 on /home type ext2 (rw,nosuid,nodev,noatime,usrquota) /dev/sda1 on /boot type ext2 (rw) "noatime" has performance reasons. Be careful with that, it might break things (Currently, I don't know of any...). Roman. -- _ _ | Roman Drahtmüller "The best way to pay for a | CC University of Freiburg lovely moment is to enjoy it." | email: draht@uni-freiburg.de - Richard Bach | - -