[techtalk] partitioning security (was lilo)
Caitlyn M. Martin
cmartin at rtdssmud.rtp.epa.gov
Mon Jul 30 18:49:21 EST 2001
coldfire wrote:
> let's suppose that you have the entire filesystem mounted on a single
> partition (/). an attacker could do a number of things .. if they had
> shell access without quota, they could write a simple program that forks
> and recursively creates directories effectively consuming all of the
> inodes on that filesystem. granted, a small percentage of the filesystem
> is reserved for the superuser, this would cause all kinds of problems with
> other processes that attempt to create temporary files, logs, etc.
Yes, but you could do that equally effectively over multiple partitions. You've
assumed the cracker can login. Why not do a df then modify the script to do what
you describe to each and every partition? I still don't see how breaking things
up into several partitions actually enhances security.
> it's very simple to have the same effect on a system remotely (logs).
Yes, but again, that's true even if /var and/or /var/log and/or /tmp are separate
file systems.
-Caity
More information about the Techtalk
mailing list