Re: [OT] fhs and multiple partitions (was: Installing Debian using ...)
On 23/02/2004 at 07:52, Albert Cahalan wrote:
> If stability were an issue, we'd need to fix that
> instead of using a gross work-around.
Yes, you're right.
> Nope. This is Linux, which kicks ass. On your
> single-partition Linux 2.6 system, do this:
>
> mount --bind /home /home
> mount --bind -o remount,nosuid /home /home
Oh!, nice thing. I discovered mount -bind some days ago and I didn't
realize this utility. Very nice!.
However, some of the servers I admin run 2.4 (and I do not plan to move
them to 2.6, so...).
> > What is a *very big* security gain is to mount *all* partitions *except*
> > /usr nosuid.
>
> **AHEM**
>
> mount --bind
You're right (with 2.6) :-)
> Problem solved, without the disk management issues.
Yes, but: What if some dumb|malicious user|program fills /home ?
Or a daemon goes crazy and fills /var/log ?
IMHO, having separate partitions for system and data is mandatory in any
decently administered OS.
Anyway, I feel more comfortable having my system split in half a dozen
partitons than a single huge one. Given that a 40 Gb hard disk lets me
partition them generously.
That "feeling" is due to having had some "freights" when I used reiserfs
(losing /home due to fs corruption is a bad thing, losing the entire
system is worse).
Anyway; I generally agree with you, just wanted to comment some points.
Thanks.
--
Kiko
Reply to: