[techtalk] partitioning security (was lilo)
coldfire
rolick571 at duq.edu
Mon Jul 30 16:10:46 EST 2001
> > let's suppose that you have the entire filesystem mounted on a single
> > partition (/). an attacker could do a number of things .. if they had
> > shell access without quota, they could write a simple program that forks
> > and recursively creates directories effectively consuming all of the
> > inodes on that filesystem. granted, a small percentage of the filesystem
> > is reserved for the superuser, this would cause all kinds of problems with
> > other processes that attempt to create temporary files, logs, etc.
>
> Yes, but you could do that equally effectively over multiple partitions. You've
> assumed the cracker can login. Why not do a df then modify the script to do what
> you describe to each and every partition? I still don't see how breaking things
> up into several partitions actually enhances security.
>
> > it's very simple to have the same effect on a system remotely (logs).
>
> Yes, but again, that's true even if /var and/or /var/log and/or /tmp are separate
> file systems.
having separate partitions prevents them from crashing the root partition.
rather than repeat what has already been documented .. check out
www.securityfocus.com. in their linux section, they have a thing on
partitioning security. somewhere anyhow ;p
abe
More information about the Techtalk
mailing list