vincent_b_...@yahoo.com said:
> Just wondering if (excepting the existing zones thread) there are any
> compelling arguments to keep /var as it's own filesystem for your typical
> Solaris server. Web servers and the like.
Well, it's been considered a "best practice" for servers for a lot of
years to keep /var/ as a separate fileystem:
(1) You can use special mount options, such as "nosuid", which improves
security. E.g. world-writable areas (/var/tmp) cannot be seeded with
a trojan or other privilege-escalating attack.
(2) You can limit the size, preventing a non-privileged process from
using up all the system's disk space.
If you don't believe me, go read Sun's own Blueprints books/articles.
Personally, I'd like to place a limit on /var/core/; That's the only
consistent "out of disk space" cause I've seen on our Solaris-10 systems,
and that happens whether /var/ is separate or not. Maybe /var/crash/
as well.
Regards,
Marion
_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
