[techtalk] partitioning security (was lilo)
coldfire
rolick571 at duq.edu
Sun Jul 22 14:35:55 EST 2001
> As a side not, you shouldn't install Linux with everything on one partition.
> I was going to point you to VA Linux's site for good partition scheme
> suggestions, but they're no longer doing hardware apparently. Ah well.
> There are plenty of resources out there on the net for partitioning schemes.
very true .. throwing everything on one partition is a potential security
risk and could also make your machine less stable. i won't go into detail
(i'm somewhat ethical ;p) on these issues ..
but it's always a good idea to mount /tmp on it's own partition. i mean,
it's world readable and world writeable. having this on it's own seperate
partition prevents users from being able to make hardlinks to privledged
files for example. the same could apply for /home and other points.
i always like to have /var mounted on it's own partition. this way, if an
attacker decides he wants to flood my box with something .. whatever it
may be .. if it's logged, when the logs fill up the partition entirely, it
won't crash the root partition. i guess this could apply for /tmp as well
(and possibly other points).
just a couple tid bits. :)
coldie
More information about the Techtalk
mailing list