[TriLUG] disk partitioning
Mike Johnson
mike at enoch.org
Tue Feb 4 11:29:36 EST 2003
Jon Carnes [jonc at nc.rr.com] wrote:
> One big partition will not be slower, but it is less "secure". As an
> example, your "/tmp" directory is on the big "/" and that directory is
> wide-open to being written to. If someone with external access to your
> box decides to hose you, they can simply write a ton of small file to
> your "/tmp" directory. This will eat up all the space on your drive as
> well as all the inodes.
Running with this and totally moving away from the original question:
You can also do stuff like mount partitions with better options. For
instance, mount /tmp with nodev, noexec, nosuid. Mount /usr with nodev.
Mount /var/log with nodev, noexec, nosuid. Mount /home with
nodev, nosuid (and if you're really mean, noexec).
No, these aren't security measures that you should rely on alone. They
tighten up things a little bit more. More to the point, you cannot do
this with one large single partition.
Mike
--
"If life hands you lemons, YOU BLOW THOSE LEMONS TO BITS WITH
YOUR LASER CANNONS!" -- Brak
GNUPG Key fingerprint = ACD2 2F2F C151 FB35 B3AF C821 89C4 DF9A 5DDD 95D1
GNUPG Key = http://www.enoch.org/mike/mike.pubkey.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 230 bytes
Desc: not available
URL: <http://www.trilug.org/pipermail/trilug/attachments/20030204/1ca21daa/attachment.pgp>
More information about the TriLUG
mailing list