From: Alexander Skwar
Date: Fri, 17 Feb 2006 19:35:08 +0100
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] How many GB for / partition?

Hemmann, Volker Armin wrote:
> On Friday 17 February 2006 07:33, Alexander Skwar wrote:
>> Hemmann, Volker Armin wrote:
>> > On Thursday 16 February 2006 20:40, Alexander Skwar wrote:
>> >> Hemmann, Volker Armin wrote:
>> >> > On Thursday 16 February 2006 17:18, Alexander Skwar wrote:
>> >> >> Hemmann, Volker Armin wrote:
>> >> >> > On Thursday 16 February 2006 15:45, Alexander Skwar wrote:
>> >> >> >> Hemmann, Volker Armin wrote:
>> >> >> >> > On Thursday 16 February 2006 14:06, Alexander Skwar wrote:
>> >> >> >> >> Izar Ilun wrote:
>> >> >> >
>> >> >> > Why should he make /tmp noexec,
>> >> >>
>> >> >> Security precaution.
>> >> >
>> >> > if you have 10+ users with access to the box. But a workstation,
>> >> > without even sshd running, it is not needed.
>> >>
>> >> "needed" - What's "needed", anyway?
>> >>
>> >> > And hey, why should /tmp noexec save you from anything?
>> >>
>> >> Because it does.
>> >
>> > so? how?
>>
>> Think, you might find out. What does noexec do, hm?
>>
>> Even *you* might find out...
>>
>> Well... If I think about it... No, you're too clueless
>> to find out.
>>
>> Hint 1: "noexec" nowadays makes it impossible to execute
>> programs stored on that filesystem.
>
> I know,

Obviously not.

> but it won't save you from anything.

It does. Like I said.

> After a user got in,

Then it is too late. noexec can save you exactly here.

> he is a user. And every user has a place with write
> permission (if he is user apache/httpd he has lots of places, where he can
> store code).

No, he doesn't.

> Outside of /tmp.

Wrong.

> You see - it doesn't help you anything.

I see that you don't know what you're talking about.

>> Hint 2: /tmp (and /var/tmp) are (hopefully) the only places
>> where everybody can write.
>
> an attacker does not need a place, where everybody can write. He just needs
> SOME place, where he can write - like the home-directory of the user he just
> corrupted.

But to gain access, most attacks need a place to write.

> Also, he can disrupt your system, by just filling up /tmp. No code needed for
> that.

True. /var/log might be even easier.

>> True. /var/tmp is a link to /tmp on my system. And if not, /var/tmp
>> could also easily be a separate fs.
>
> and another partition ...

Hint: A link is not a partition. And even if it were another filesystem - who cares?

>> >> >> Ah. Please explain how you mount /tmp noexec and /usr
>> >> >> readonly.
>> >> >
>> >> > I don't because it is wasted effort.
>> >>
>> >> Of course it's not.
>> >
>> > yes it is.
>>
>> Jaja. Just because you've got problems, it doesn't mean
>> that there ARE problems.
>
> it is wasted: if he has so many rights, that he could write to /usr, he has
> enough rights to remount it.

Of course not. Having write permissions doesn't mean that somebody is root.

Answer the question.

> and /tmp is not needed, as soon as you have broken into the box.

Exactly - *as* *soon*.

> So, noexec and ro /usr will save you from nothing.

Wrong.

>> No, it's not. Write permissions don't mean, that somebody is root.
>
> in my /usr, yes it does.

Fine - who cares?

>> > yes really, you have to remount /usr everytime you update something.
>>
>> Jaja. You know, your exaggerations become boring...
>
> because it is true?

No, it's not.

> show me, how do you update something residing in /usr without remounting.

I don't.

>> c) Boot a rescue system like Knoppix and clean /tmp.
>
> yeah! but why boot from a boot-cd, if you don't have to? (hint:

Don't let it happen in the first place.

> /tmp not on
> its own, small partition)

Bad advice.

>> >> >> I see. Strange thing is, that about every server and workstation
>> >> >> I've seen more or less contradicts what you say.
>> >> >
>> >> > if you have 20+ users on each of them, and every single one is a
>> >> > little cracker in disguise, it may make sense, but for a single user
>> >> > box?
>> >>
>> >> Why are you asking?
>> >
>> > because you are the one starting with 'server' and 'workstations'
>>
>> Correct. So what? Why are you asking?
>>
>> > and the OP
>> > never talked about one or the other.
>>
>> His system MUST be the one or the other.
>
> nope,

Wrong.

> there is a third category: personal computer (also called home
> computer).

Which is the WS class.

>> >> > If every partition takes a second, it will be very noticeable.
>> >>
>> >> Hardly. (Notice that I'm not saying "No".)
>> >
>> > if mounting becomes the major 'hold up' in your booting process, it
>> > becomes VERY noticeable.
>>
>> Jaja. Do you actually expect to be taken seriously?
>
> not from you.

Fine.

> From this mailing list I learnt, that if someone is not on your
> side, the person is wrong.

If you say so.

>> > I have been there,
>>
>> I doubt that.
>
> Why should I lie?

I've got no idea. But you obviously do.

> I had 3 ibm harddisks 1x10Gb,2x40gb one seagate 20gb and all and everything on
> its own partition.
> And it was hell after a while.

Because you overdid it: "all and everything on its own partition".

>> > More harddisks=bigger chance that one of them dies.
>>
>> True. So? What does this have to do with the fact, that the
>> available hd's are too small? Just as a reminder - that's
>> the scenario YOU are talking about.
>
> because you started with 'buy more harddisks'

As you started with "not enough space". In your world, how do you get more space?

>
>> >> > It is simple math.
>> >>
>> >> *LOL* _You_ should not talk about maths :)
>> >
>> > you obviously don't understand simple statistics.
>>
>> Seems like. But maybe it's just, that I've got problems
>> following your nonsense, hm?
>
> you mean your nonsense?

No. I meant the nonsense that you write. Learn to read.

> Yep, it is hard to deal with you.

I'm just as anal as you are.

Alexander Skwar
--
Your happiness is intertwined with your outlook on life.
--
gentoo-user@gentoo.org mailing list
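One way to check whether the hardening argued for in this thread is actually in place on a box (an added example, not part of the original mail or the list): a POSIX sh audit over /proc/mounts-style lines that reports whether /tmp and /var/tmp are separate filesystems mounted noexec,nosuid,nodev and whether /usr is mounted read-only. The mount table in MOUNTS is constructed sample data; the function names are the example's own.

```shell
#!/bin/sh
# Added example, not from the thread. Audits the mount hardening discussed above
# (/tmp and /var/tmp noexec,nosuid,nodev; /usr read-only) against a mount table.
# MOUNTS holds constructed sample lines in /proc/mounts format
# (device mountpoint fstype options dump pass); on a live system use
# MOUNTS=$(cat /proc/mounts) instead.
MOUNTS='/dev/sda2 / ext3 rw,noatime 0 0
/dev/sda3 /usr ext3 rw,noatime 0 0
/dev/sda5 /tmp ext3 rw,nosuid,nodev 0 0
/dev/sda6 /home ext3 rw,nosuid,nodev 0 0'

# Print the option string of mount point $1, or nothing if it is not a mount
# point of its own (e.g. /var/tmp being a symlink into /tmp, as in the mail).
mount_opts() {
    printf '%s\n' "$MOUNTS" | awk -v mp="$1" '$2 == mp { print $4; exit }'
}

# Print, comma separated, each option in $2 that mount point $1 lacks.
# Prints an empty line when every required option is present.
missing_opts() {
    opts=$(mount_opts "$1")
    missing=""
    for want in $(printf '%s' "$2" | tr ',' ' '); do
        case ",$opts," in
            *",$want,"*) ;;                 # option present
            *) missing="${missing:+$missing,}$want" ;;
        esac
    done
    printf '%s\n' "$missing"
}

# One report line per mount point: ok, the options still missing, or a note
# that the path is not a separate filesystem and so inherits its parent's options.
audit() {
    for spec in /tmp:noexec,nosuid,nodev /var/tmp:noexec,nosuid,nodev /usr:ro; do
        mp=${spec%%:*}
        want=${spec#*:}
        if [ -z "$(mount_opts "$mp")" ]; then
            printf '%s: not a separate filesystem\n' "$mp"
        elif [ -z "$(missing_opts "$mp" "$want")" ]; then
            printf '%s: ok\n' "$mp"
        else
            printf '%s: missing %s\n' "$mp" "$(missing_opts "$mp" "$want")"
        fi
    done
}

audit
```

With the sample table the audit reports /tmp missing noexec, /var/tmp as not a separate filesystem and /usr missing ro; a symlinked /var/tmp is only as protected as the filesystem it points into.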