In your opinion is having /tmp on the same partition as / really THAT bad in this case? I'm just wondering cause some people have mentioned that its a major security risk. Really, I don't think it is for what this box is doing.
It's obviously a much bigger security risk on a multiuser machine, but even without that being the case, I'm assuming the machine will be providing some sort of network service? Then it can still be a risk worth taking into account.
One or more network services may be making use of /tmp, and if so an unauthenticated external user could plausibly find ways to make those services max out their usage of /tmp, possibly filling your root partition in the process.
Even without worrying at all about malicious intent, /tmp on / makes it very easily to *accidentally* fill your root partition, but'll still be a pain for you to have to deal with it if that happens.
More seriously, a vulnerability could be found in one of those services that could depend on files in /tmp being executable (which should never be true). With a separate /tmp partition, you can easily have it mounted with the noexec option for an added layer of security, so that even if they create a malicious executable in /tmp, they won't be able to execute it without moving it to another file system, which would probably require they already have shell access, defeating the purpose.
Tom _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
