Date: Fri, 13 Jul 2001 16:37:37 -0400
From: "Bart Silverstrim" <bsilver@sosbbs.com>
To: "Paul Robinson" <paul@akita.co.uk>
Cc: <freebsd-isp@FreeBSD.ORG>
Subject: Re: gcc on production server
Message-ID: <010c01c10bdb$a8f11600$0100a8c0@sosbbs.com>
References: <20010711170336.B84178@krijt.livens.net> <20010711123133.A21587@pitr.tuxinternet.com> <20010712123523.G53408@jake.akitanet.co.uk> <007c01c10b14$5462d820$0100a8c0@sosbbs.com> <20010713122500.A23202@jake.akitanet.co.uk>
> On Jul 12, Bart Silverstrim <bsilver@sosbbs.com> wrote:
>
> > Why not use two drives, one read only with the OS on it, one with multiple
> > partitions to mount to /var and /tmp, <swap>, /home...stuff like that...or
> > some variation of that theme?
>
> Because I'm not sure that enhances security in any way. There are lots of
> problems here, not least that if somebody finds a hole in your ftpd or
> whatever, you are going to have to go into serious downtime to patch
> it. Whereas a rw disk can be patched in seconds.

If somebody finds a hole in FTPD and you want to patch it, you're going to have serious downtime no matter what; I wouldn't trust binaries afterwards. In a small ISP setting where I was (or in the place I'm working in now, if it would be possible) I'd rather do a full reinstall of the OS or get spare hardware and set up a replacement server to cycle in, depending on the damage. Otherwise you could be leaving back doors open.

A read-only media would really keep them from hosing the system (for this context, I'll refer to the CD-ROM idea, since that's what I had in mind before with this idea). I wouldn't do this for certain types of systems; as always, it depends on the application and context. For a small ISP, we could do it for servers that do things like small DNS servers, systems where you need to keep the system protected, etc. Patching would be done on a system that's set aside as a vanilla "image" blank; patch that, reburn the CDs, and just swap the CDs into the server's drives and restart.

Also, with a RO media, if a hacker gets in, it does enhance security...how do you trojan a system you can't modify? The damage would occur to things like web pages and personal files. Restoration from backups should take care of that side, but it would at least keep you from having to keep reinstalling and reconfiguring the servers.

And a simple system like this would not be something for a huge company or large ISP; I agree there. With that kind of budget, chances are they can get better solutions. But for small mom-and-pop providers, I think this could be budgeted from the money they'd save not running with NT licenses :-)

*shrug* I thought it would be a good idea. I just don't work at a place that's as unix-friendly right now to try it out.

-Bart
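The two-drive layout proposed in the thread (OS on a read-only device, writable state split onto its own partitions) as an added example of a FreeBSD /etc/fstab; this is not from any message in the thread, and the device names (ad0 for the OS disk, ad1 for the data disk) and slice letters are assumed for illustration.

```fstab
# Device        Mountpoint  FStype  Options            Dump  Pass#
# OS disk: root mounted read-only so installed binaries cannot be altered in place.
/dev/ad0s1a     /           ufs     ro                 1     1
# Data disk: everything that must be writable at runtime lives here.
/dev/ad1s1b     none        swap    sw                 0     0
/dev/ad1s1d     /var        ufs     rw,nosuid,noexec   2     2
/dev/ad1s1e     /tmp        ufs     rw,nosuid,noexec   2     2
/dev/ad1s1f     /home       ufs     rw,nosuid          2     2
```

With / mounted ro, /var and /tmp have to be separate partitions or the system will not run, which is why the thread pairs the read-only OS with a second writable drive. nosuid and noexec on the writable areas mean a file dropped into /tmp or /var cannot be executed or gain privilege from there. Applying a patch then means the remount step the thread describes as downtime: `mount -u -o rw /`, update, `mount -u -o ro /`, or, for the CD-ROM variant, reburning the image on the offline reference system and swapping the disc.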