Date: Sun, 22 Sep 2002 09:29:33 +0930 From: Phil Kernick <Phil@Kernick.org> To: Brett Glass <brett@lariat.org> Cc: The Anarcat <anarcat@anarcat.ath.cx>, freebsd-stable@FreeBSD.ORG Subject: Re: Suggested modification to default install Message-ID: <3D8D07E5.6010609@Kernick.org> References: <4.3.2.7.2.20020920095347.00b15f00@localhost> <20020510194022.D77057@lpt.ens.fr> <000701c1f804$47d5dc00$6401a8c0@penguin> <20020510140222.M57329@lpt.ens.fr> <15580.1017.276905.556906@guru.mired.org> <20020510194022.D77057@lpt.ens.fr> <4.3.2.7.2.20020920095347.00b15f00@localhost> <4.3.2.7.2.20020921145846.026efc50@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
Brett Glass wrote:
> Well, it's sort of a judgment call, because DNS data is part configuration
> (e.g. zones for which you're the master) and part ephemeral database (slave
> zones, the DDNS portions of master zones, and cache). There's a good argument
> that the ephemera ought to go out in /var while the more permanent or
> configuration-like stuff (e.g. master zones) belongs in /usr.
But by your own logic, the permanent configuration should be in /etc which is
where all the configuration file live.
> So, given this constraint, I figure that /usr/local/etc/namedb is probably
> the best place all around -- and that's where I put everything.
/usr/local is where all of the ports put their stuff. Now I agree that there
is a good argument for making bind a port, and if so, then
/usr/local/etc/namedb would be correct. But currently it isn't, and all of
the base system puts its config in /etc.
Personally I've always used /var/named as the zone directory, but
/var/db/namedb actually looks better.
It's even reasonable to consider that the actual configuration is really
named.conf, and the zone files are extras.
> /usr
> is the default location of users' home directories, so it can be expected
> to be written more frequently.
I've always really hated this approach. /usr is where the vendor supplied
binaries should live, and should be able to be mounted read only to ensure
that they can't easily get trojaned.
That's why I *always* make /home a separate partition and /usr/local is
*always* somewhere else (symlinked back) because both need to be written while
/usr never does. I'm sure we could significantly improve security just by
doing this.
On my system this is /usr:
total 30
lrwxr-xr-x 1 root wheel 10 Aug 4 11:45 X11R6 -> /opt/X11R6
drwxr-xr-x 2 root wheel 7168 Sep 1 19:33 bin
lrwxr-xr-x 1 root wheel 11 Aug 4 11:47 compat -> /opt/compat
drwxr-xr-x 3 root wheel 1024 Sep 1 19:30 games
drwxr-xr-x 40 root wheel 4096 Sep 1 19:32 include
drwxr-xr-x 4 root wheel 8192 Sep 1 19:33 lib
drwxr-xr-x 9 root wheel 512 Sep 19 2001 libdata
drwxr-xr-x 8 root wheel 1536 Sep 1 19:33 libexec
lrwxr-xr-x 1 root wheel 10 Aug 4 11:44 local -> /opt/local
lrwxr-xr-x 1 root wheel 18 Apr 26 21:33 obj -> ../pub/FreeBSD/obj
lrwxr-xr-x 1 root wheel 10 Aug 4 11:44 ports -> /opt/ports
drwxr-xr-x 2 root wheel 4096 Sep 1 19:33 sbin
drwxr-xr-x 26 root wheel 512 Sep 19 2001 share
lrwxr-xr-x 1 root wheel 38 Jan 30 2002 src ->
../pub/FreeBSD/branches/4.0-stable/src
drwxr-xr-x 9 root wheel 512 Dec 23 2001 sup
drwxrwxrwt 2 root wheel 512 Jun 30 00:35 tmp
Anything that can get written to is on a separate filesystem.
> While we're
> at it, let's create a "sandbox" directory structure (similar to the one
> described in the Handbook) for BIND and sandbox it by default. There's
> no reason not to make sandboxing the default on every system, since as
> far as I know it won't break anything to do so.
While I disagree with the directory, I do agree that bind should be sandboxed
by default.
Phil.
--
_-_|\ Phil Kernick E-Mail: Phil@Kernick.org
/ \ ROTFL Enterprises Mobile: 041 61 ROTFL
\_.-*_/
v Humourist, satirist, and probably a few more 'ists to boot!
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D8D07E5.6010609>