Date: Fri, 11 Feb 2005 16:35:15 -0500 From: Chad Morland <cmorland@gmail.com> To: Oliver Leitner <Shadow333@gmx.at> Cc: freebsd-questions@freebsd.org Subject: Re: /tmp on same partition as / Message-ID: <8ca9329050211133536f3aa16@mail.gmail.com> In-Reply-To: <20050211211950.200B643D1D@mx1.FreeBSD.org> References: <8ca932905021112136ad00369@mail.gmail.com> <20050211211950.200B643D1D@mx1.FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks for the responses. I do have a firewall in place and the only open port to the public is 25 which is qmail. I think I'll take your considerations to heart and rebuild the box with its own /tmp partition with noexec. I should have done that in the first place. Thankfully it is not yet in production so its no biggie. -CM On Fri, 11 Feb 2005 22:14:19 +0100, Oliver Leitner <Shadow333@gmx.at> wrote: > well, its ok to have /tmp on the same partition as /, as long as other > security measurements work, for example a tripwire setup and logging user > actions of any kind, also having an overview over the logs. > > as long as these work, and you take care whats going on on the box, it does > not really matter where /tmp resides. > > On Friday 11 February 2005 21:13, Chad Morland wrote: > > I'm setting up a mail server at the momment, one of the things that I > > forgot to do was create /tmp as a separate partiton (/ = 2gb). There > > will be no user logins to the machine aside from admins and the only > > thing that it will run is qmail acting as a smarthost (vanilla qmail, > > no amavis or anything of the sort.) > > > > In your opinion is having /tmp on the same partition as / really THAT > > bad in this case? I'm just wondering cause some people have mentioned > > that its a major security risk. Really, I don't think it is for what > > this box is doing. > > > > -CM > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > > "freebsd-questions-unsubscribe@freebsd.org" > > -- > By reading this mail you agree to the following: > > using or giving out the email address and any > other info of the author of this email is strictly forbidden. > By acting against this agreement the author of this mail > will take possible legal actions against the abuse. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8ca9329050211133536f3aa16>