Subj: Re: Slackware 10.0 Partitioning help
To: comp.os.linux
From: ibuprofin
Date: Tue Sep 21 2004 08:17 pm

In article <1095787857./ki8qDUd3gCBvcQ+71pVZw@teranews>, kr0m3 wrote:
>
> you will find 400 answers to this, and all of the answers have merit.
> you will find that everyone is very particular to their own
> partitioning scheme and can bring up millions of reasons why theirs
> works for them...

Yeah, but are the answers sensible?

> here is a general rule of thumb to follow until you know enough to
> modify it for your own needs:
>
> *******
> any directory that a user (or a program running as that user) will have
> write access to... should get its own partition.
> *******
>
> this normally means /tmp, /usr, /home, /var etc....
>
> log files in "/var" can be attacked and intentionally (or
> unintentionally) bloated to cause system crashes... so can "/tmp".
> those are simple attack scripts to run against a default install...

To an extent, true. When did you decide that users should have write
access to /usr? None of the systems I've ever admin'ed have allowed that
once home directories got moved to /home/. Our logs and mail go to
separate servers - and the log server has its own disk for remote log
data. Been that way for a while.

> it just makes plain good sense to have /home on its own partition
> (hell, its own DRIVE as far as I'm concerned) so that in case of fatal
> crash (hardware OR software) your data is retrievable...

With quotas (and I've had those installed on every system since the late
1980s), they're not going to fill /home. Likewise, why do your users have
such access as to crash the drive? How often do you run backups?

> i run a testing web server (apache) and have made its default content
> directory into a soft-link pointing to "/www" (which is its own
> partition). same can be said for pure-ftp and "/ftp".

Neither directory fitting into the FHS standard, but it's your system.
I don't disagree with your choice.

> in reality... for a functional system, you really only need two
> partitions, "/" and "". A generally accepted (yet slightly
> outdated) rule of thumb is to have the swap partition equal to your
> physical RAM x2.

Yeah, we won't get into that - this isn't BSD, and your swap should be
intelligently chosen. You _could_ make do with a swap file, rather than
a partition.

> the biggest problem that you will run into (assuming you go the way of
> security-concern which means that you will be creating several
> partitions) is that you will have difficulty deciding how large to
> create each partition.... err on the side of being safe and pare down
> from there on subsequent installs..... there are plenty of
> horror/success stories to be googled.

True - but that doesn't say why the multiple partitions make the system
any more secure (BARRING quota problems) than the more limited setup.

> as far as the point that the only real attack that partitioning helps
> against is a D.O.S. (above)... that isn't entirely true. further, even if
> it were, it makes no difference. treat your system's security as a
> living organism. you don't simply lock one door and walk away.
> multiple layers of defenses that target and protect against various
> vulnerabilities. don't over-rely on any one thing.... the attackers
> won't.

Yeah, there's more than one way to shoot yourself in the foot. Any
experienced admin has discovered that.

Old guy.
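The thread's rule of thumb (user-writable directories such as /tmp, /var and /home on their own filesystems, so filling one cannot fill /) can be checked rather than argued about. The script below is an added example, not from either poster; it parses /proc/mounts-format input (the sample is constructed) and reports which of the checked directories still live on the root filesystem.

```shell
#!/bin/sh
# Added example: audit which user-writable directories share a filesystem
# with "/". Input is in /proc/mounts format (device, mount point, type, ...);
# mount points containing spaces appear there escaped as \040, so $2 is safe.
# The sample below is constructed: /tmp has no partition of its own.
SAMPLE_MOUNTS='/dev/sda1 / ext3 rw 0 0
/dev/sda3 /home ext3 rw 0 0
/dev/sda5 /var ext3 rw 0 0
proc /proc proc rw 0 0'

# longest_mount FILE DIR: print the mount point that actually holds DIR,
# i.e. the longest mount point that is DIR itself or a parent of it.
longest_mount() {
    awk -v d="$2" '
        { mp = $2 }
        mp == "/" || mp == d || d ~ ("^" mp "/") {
            if (length(mp) > length(best)) best = mp
        }
        END { print best }' "$1"
}

# shared_with_root FILE: print each checked directory whose holding mount
# point is "/" - the ones a runaway log or tmp file could use to fill root.
shared_with_root() {
    for d in /tmp /var /var/log /home; do
        [ "$(longest_mount "$1" "$d")" = "/" ] && printf '%s\n' "$d"
    done
    return 0
}

# Stand-alone run against the constructed sample (use /proc/mounts on a
# live system instead of the temp file).
tmpf=$(mktemp)
printf '%s\n' "$SAMPLE_MOUNTS" > "$tmpf"
echo "Directories still on the root filesystem:"
shared_with_root "$tmpf"
rm -f "$tmpf"
```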