Am 24.04.2013 18:12, schrieb Tanstaafl:
> On 2013-04-24 11:31 AM, Florian Philipp wrote:
>> Am 24.04.2013 17:12, schrieb Tanstaafl:
>>> Ok, but - does it make sense to add the noexec option to /var/tmp? Is it
>>> possible that there are other apps that need exec capability in there?
>
>> It makes
On 04/24/2013 11:39 AM, Tanstaafl wrote:
> On 2013-04-23 12:34 PM, Florian Philipp wrote:
>> Am 23.04.2013 16:44, schrieb Tanstaafl:
>>> /boot (ext2), 100M
>>> /swap, 2G
>>> / (ext4), 40G
>>>
>>> then on LVM
>>>
>>> /tmp (ext2), 5G? <- how big?
>>> /var/tmp (ext2), 5G? <- how big?
>
>> If this is
On 2013-04-24 11:31 AM, Florian Philipp wrote:
Am 24.04.2013 17:12, schrieb Tanstaafl:
Ok, but - does it make sense to add the noexec option to /var/tmp? Is it
possible that there are other apps that need exec capability in there?
It makes sense. Any world-writable directory should be noexec
On 2013-04-23 12:34 PM, Florian Philipp wrote:
Am 23.04.2013 16:44, schrieb Tanstaafl:
/boot (ext2), 100M
/swap, 2G
/ (ext4), 40G
then on LVM
/tmp (ext2), 5G? <- how big?
/var/tmp (ext2), 5G? <- how big?
If this is a production server I wouldn't use ext2. In the case of a
crash or reboot,
Am 24.04.2013 17:12, schrieb Tanstaafl:
> On 2013-04-24 8:48 AM, Florian Philipp wrote:
>>> One thing I'm trying to do is make the system as secure as
>>> possible at the filesystem level, and I've read that making /tmp
>>> and /var/tmp separate partitions so you can mount them
>>> /nodev/noexec/n
On 2013-04-24 8:48 AM, Florian Philipp wrote:
One thing I'm trying to do is make the system as secure as
possible at the filesystem level, and I've read that making /tmp
and /var/tmp separate partitions so you can mount them
/nodev/noexec/nosuid is one way to make things a bit more
secure...
>
Am 24.04.2013 12:48, schrieb Tanstaafl:
> On 2013-04-23 1:59 PM, Neil Bothwick wrote:
>> On Tue, 23 Apr 2013 18:34:38 +0200, Florian Philipp wrote:
>>
So - first, is 5G way too big for the two /tmp dirs? I have lots of
space, but hate waste
>
>>> If you worry about waste consider bind-m
On 2013-04-23 1:59 PM, Neil Bothwick wrote:
On Tue, 23 Apr 2013 18:34:38 +0200, Florian Philipp wrote:
So - first, is 5G way too big for the two /tmp dirs? I have lots of
space, but hate waste
If you worry about waste consider bind-mounting both from the same
partition and install quotas to
On Tue, 23 Apr 2013 18:34:38 +0200, Florian Philipp wrote:
> > So - first, is 5G way too big for the two /tmp dirs? I have lots of
> > space, but hate waste
> >
>
> If you worry about waste consider bind-mounting both from the same
> partition and install quotas to avoid one filling up the oth
Am 23.04.2013 16:44, schrieb Tanstaafl:
> Ok, this is the last question I need to answer for myself before
> installing a final version of my new virtualized gentoo server...
>
> I'll be using the following partition layout:
>
> /boot (ext2), 100M
> /swap, 2G
> / (ext4), 40G
>
> then on LVM
>
>
Ok, this is the last question I need to answer for myself before
installing a final version of my new virtualized gentoo server...
I'll be using the following partition layout:
/boot (ext2), 100M
/swap, 2G
/ (ext4), 40G
then on LVM
/tmp (ext2), 5G? <- how big?
/var/tmp (ext2), 5G? <- how big?
11 matches
Mail list logo
