Re: How to get away with small /var partition
On Sun, 30 Nov 2003 23:21:24 +0100, Miernik wrote:
> On 2003-11-30, Karsten M. Self <kmself@ix.netcom.com> wrote:
>>> I recommend making it far larger than in the Debian security doc
>>> though. On my servers I have /boot and /usr read-only, and I've been
>>
>> You can leave /boot unmounted altogether. The only times it needs to be
>> accessed are:
>>
>> - At boot time, where access is direct to partition, and the partition
>> need not be mounted (indeed, can't be).
>>
>> - When examining kernel config files and System maps (read-only)
>>
>> - When installing a new kernel (writeable)
>
> Show me a good reason to separate /boot to a separate partition at
> all. What's the extra security we get out of this?
> In /boot there are only the kernel images, System.map's, kernel
> config, and GRUB config.
>
> All that is writable only by root anyway (perms -rw-r--r-- root.root)
> If an attacker gets rights to write or change perms of files there,
> he can equally easily remount the partition rw.
>
> So what's the point?

Elementary System Administration and Security
---------------------------------------------

Lesson #1: Don't mount things not needed for the operation of the system
Lesson #2: Mount things with the minimum permissions necessary for the
operation of the system.
Lesson #3: Don't overcomplicate system administration by unnecessary
duplication

re. Lesson #1:
/boot is not needed for the normal operation of the system, and not
mounting it provides two security benefits:
- it can't get accidentally or maliciously damaged
- Conf files are the system admin's business only, but may be of interest
to persons of malice.

re. Lesson #2:
- If the sysadmin just needs to see or read /boot files, mounting it ro
reduces the risk of accidental or malicious damage.

re. Lesson #3:
- An example: I run more than one Linux instance, each with its own /.
I also have several kernels. If I put /boot on its own filesystem, I
don't have to duplicate it.

With regard to your comment about root access: if someone gets root
access, *all* your system security is fscked anyway.

--
....................paul
"The average lifespan of a Web page today is 100 days. This is no way to
run a culture."
Internet Archive Board Chairman
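
Lessons #1 and #2 from the message above can be checked mechanically. The script below is an added example, not part of the original thread: it reports whether /boot is left unmounted (`noauto`), mounted read-only, or mounted read-write, reading either an fstab-format file or a /proc/mounts-format file. The function names `boot_state` and `boot_audit`, the device names and the sample entries are all constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original thread). Sample data below is constructed.

# Print how /boot appears in an fstab(5)- or /proc/mounts-format file:
#   absent | noauto | ro | rw     (last matching entry and last option win)
boot_state() {
    awk '
        $1 ~ /^#/ || NF < 4 { next }            # skip comments and short lines
        $2 == "/boot" {
            found = 1; ro = 0; noauto = 0        # mount defaults: rw, auto
            n = split($4, opt, ",")
            for (i = 1; i <= n; i++) {
                if (opt[i] == "ro")     ro = 1
                if (opt[i] == "rw")     ro = 0
                if (opt[i] == "noauto") noauto = 1
                if (opt[i] == "auto")   noauto = 0
            }
        }
        END {
            if (!found)      print "absent"
            else if (noauto) print "noauto"
            else if (ro)     print "ro"
            else             print "rw"
        }
    ' "$1"
}

# Report both views; exit status 1 if /boot is writable in either of them.
boot_audit() {   # $1 = fstab-format file, $2 = mounts-format file
    f=$(boot_state "$1"); m=$(boot_state "$2")
    echo "fstab=$f live=$m"
    [ "$f" != rw ] && [ "$m" != rw ]
}

# Constructed sample input: /boot kept unmounted by default (noauto).
tmp=$(mktemp -d)
printf '%s\n' '# <dev> <mnt> <type> <opts> <dump> <pass>' \
    '/dev/sda2 / ext3 defaults 0 1' \
    '/dev/sda1 /boot ext2 defaults,noauto 0 2' > "$tmp/fstab"
printf '%s\n' '/dev/sda2 / ext3 rw 0 0' > "$tmp/mounts"
boot_audit "$tmp/fstab" "$tmp/mounts" || echo "/boot is writable"
rm -rf "$tmp"
```

On a real system the two arguments would be `/etc/fstab` and `/proc/mounts`; an `absent` result for the live view means /boot is not currently mounted.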