[ Date Index ][
Thread Index ]
[ <= Previous by date / thread ] [ Next by date / thread => ]
On Tuesday 16 October 2001 8:59 pm, kam@xxxxxxxxxxxxxxxx wrote about Re: [LUG] Linux partitions: > Incidentally, why do some books, and I think the Mandrake installer, > recommend spreading the filesystem over three or four partitions. Is there > still an argument for this or is it just a hangover from the days (all of > about three years ago) when you needed to use two or three physical > disks?? > > Keith This comes from "Linux Security Basics in 24hrs (SAMS) 2001": ISBN: 0672320916 <quote> Define Multiple Partitions. It is infinitely more convenient to create a single large partition .... However, there are a number of security benefits that can be achieved .... [by using multiple partitions] 1. Avoid some attacks directly (by having /tmp on a different partition to / ) 2. Restrict execution of binaries on some mounted areas (outside /bin) 3. Mount some areas with SUID/SGID disabled 4. Mount some areas as read-only .... if a cracker is able to get root access by some other means, each can be defeated... However, [these measures] do help to prevent an intruder from gaining root-level access in the first place. </quote> Seems more appropriate for an internet server than a home machine that connects via a modem. Even with broadband (what's that?), if you hide everything behind a firewall there is only so much that can be done to harm you. If you use a broadband connection to serve a website or provide dial-in access, maybe it's more essential. -- Neil Williams #-#-#-#-#-#-#-#-# linux@xxxxxxxxxxxxxx neil@xxxxxxxxxxxxxx neil@xxxxxxxxxxxx www.codehelp.co.uk -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.