> If you've done your job right, it can be mounted read-only. This
> makes it harder for someone to break into the machine and obtain root
> access, because now they have to be root to unmount /usr and remount
> it read-write, so that they can put their trojan script on there that
> they're hoping you'll execute.
AND just how are crackers going to write their trojan's in my root owned
/usr (and remember root now owns the binaries in /usr) w/o *already*
being root. This is just as weak as the argument that BPF makes a box
more vulnerable to having a rouge sniffer running on it.
> You're right that this is a somewhat religious issue, however, if
> you're going to run a huge root filesystem, then you are more likely
> to get what you deserve if /usr or one of the other directories on
> the root filesystem get trashed or fill up.
And just what do I "deserve"? Fuh! Yea, as some said, lets go with a
30MB / so you can't even have room for a second kernel. You should see
how fscked up Beast.freebsd.org is because of all the /, /usr, /var,
/tmp, etc, were mis-sized. If I "deserve" something, then what's the
proper sizes for these? I can tell you I run out of space on / a lot
less my way and have space where I need it, than I do on machines with
the millions of partitions.
Fuh!
--
-- David ([EMAIL PROTECTED])
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
