From: "John Jolet" <john@jolet.net>
To: <gentoo-user@lists.gentoo.org>
Subject: Re: [gentoo-user] How many GB for / partition?
Date: Fri, 17 Feb 2006 16:20:30 -0600
Message-ID: <20060217221946.392F418033@flower.jolet.net>
The problem is they both have valid points. In this, as in nearly all aspects of Unix administration, there is not a single right answer.
-----Original Message-----
From: "Patrick Börjesson"<psycho@rift.ath.cx>
Sent: 2/17/06 4:15:08 PM
To: "gentoo-user@lists.gentoo.org"<gentoo-user@lists.gentoo.org>
Subject: Re: [gentoo-user] How many GB for / partition?
First, I can't really understand why either one of you two won't fully
explain your reasoning when going against the other. It helps no one.
On 2006-02-17 19:04, Hemmann, Volker Armin uttered these thoughts:
> On Friday 17 February 2006 07:33, Alexander Skwar wrote:
> > Hemmann, Volker Armin wrote:
> > > On Thursday 16 February 2006 20:40, Alexander Skwar wrote:
> > >> Hemmann, Volker Armin wrote:
> > >> > On Thursday 16 February 2006 17:18, Alexander Skwar wrote:
> > >> >> Hemmann, Volker Armin wrote:
> > >> >> >
> > >> >> > Why should he make /tmp noexec,
> > >> >>
> > >> >> Security precaution.
> > >> >
> > >> > if you have 10+ users with access to the box. But a workstation,
> > >> > without even sshd running, it is not needed.
Of course, if you have a system with _no_ services running (including
apache, sshd and so on), or a firewall that blocks every and all
incoming connection attempt, then for someone to access /tmp without
having physical access to the system (in which case you're pretty much
screwed anyhow) is, as far as I know, impossible.
This doesn't take into account client-side exploits; because with these
the exploiting code has access to whatever resources the user running
the client has, including writing to whatever areas that the user has.
> > >> "needed" - What's "needed", anyway?
> > >>
> > >> > And hey, why should /tmp noexec save you from anything?
> > >>
> > >> Because it does.
> > >
> > > so? how?
> >
> > Think, you might find out. What does noexec do, hm?
> >
> > Even *you* might find out...
> >
> > Well... If I think about it... No, you're too clueless
> > to find out.
> >
> > Hint 1: "noexec" nowadays makes it impossible to execute
> > programs stored on that filesystem.
>
> I know, but it won't save you from anything.
> After a user got in, he is a user. And every user has a place with write
> permission (if he is user apache/httpd he has lots of places, where he can
> store code). Outside of /tmp.
Where?
[Message truncated. Tap Edit->Mark for Download to get remaining portion.]
--
gentoo-user@gentoo.org mailing list
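The disagreement quoted above is whether noexec on /tmp helps when a user has other writable locations. As an added example (not part of any message in the thread), this script reports which of several user-writable paths sit on a filesystem that is writable and lacks noexec; the mount table is a constructed sample in /proc/mounts format, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit user-writable paths for a missing noexec option.
# Input format is that of /proc/mounts:
#   device mountpoint fstype options dump pass

# Constructed sample mount table (not taken from the thread).
sample_mounts() {
cat <<'EOF'
/dev/sda3 / ext3 rw,noatime 0 0
/dev/sda5 /tmp ext3 rw,nosuid,nodev,noexec 0 0
/dev/sda6 /var/tmp ext3 rw,nosuid,nodev 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
/dev/sda7 /home ext3 rw,nosuid 0 0
/dev/sda8 /mnt/ro ext3 ro,noexec 0 0
EOF
}

# exec_allowed_mounts PATH...
# Reads a mount table on stdin. For each PATH it finds the filesystem that
# holds it (longest matching mount point, later entries shadowing earlier
# ones) and prints "PATH MOUNTPOINT" when that filesystem is mounted rw
# without noexec. Paths containing spaces are not supported.
exec_allowed_mounts() {
    awk -v paths="$*" '
    function has(opts, flag) { return index("," opts ",", "," flag ",") > 0 }
    { mp[NR] = $2; op[NR] = $4; n = NR }
    END {
        np = split(paths, p, " ")
        for (i = 1; i <= np; i++) {
            best = 0; bestlen = -1
            for (j = 1; j <= n; j++) {
                m = mp[j]
                # The mount point must be "/", the path itself, or a parent.
                if (m == "/" || p[i] == m || index(p[i], m "/") == 1)
                    if (length(m) >= bestlen) { best = j; bestlen = length(m) }
            }
            if (best && has(op[best], "rw") && !has(op[best], "noexec"))
                print p[i], mp[best]
        }
    }'
}

# Run against the constructed sample.
sample_mounts | exec_allowed_mounts /tmp /var/tmp /dev/shm /home/alice /mnt/ro
```

On a live system, feed it the real table: `exec_allowed_mounts /tmp /var/tmp /dev/shm "$HOME" < /proc/mounts`.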