1 |
On Wed, Sep 05, 2007 at 08:56:09AM +0200, Alan McKinnon wrote |
2 |
|
3 |
> How is this better than a 500G filesystem mounted at /? |
4 |
|
5 |
Try wiping the OS and re-installing (or installing a different distro |
6 |
for that matter) with "a 500G filesystem mounted at /"... without |
7 |
backing up your data and restoring afterwards. With my setup, wipe all |
8 |
files in the /partition and in the bindmounted directories, leaving the |
9 |
empty directories, and do the install. |
10 |
|
11 |
> 2. Please explain in detail how you will create a 4TB file system |
12 |
> without LVM. This is NOT an edge case, this is a very real situation |
13 |
> that occurs in data centres daily. |
14 |
|
15 |
I repeat again, I was talking about a 500 gig system on a home |
16 |
machine. I acknowledge that one size does not fit all, and an average |
17 |
home machine solution does not necessarily work in a data centre. |
18 |
|
19 |
> 3. Take your proposal and explain to me in detail how you will |
20 |
> prevent a backdoor or trojan from installing and executing scripts |
21 |
> in /tmp and /var. Considering the massive problem that Windows has |
22 |
> caused the world through an inability to do this, I would say this |
23 |
> is a very important thing to be able to. |
24 |
|
25 |
If a trojan can install stuff in a directory owned by root, it's |
26 |
already too late. And remember that a regular user account can run mail |
27 |
to send spam, or ping or DNS lookups to take part in DDOS attacks. |
28 |
|
29 |
-- |
30 |
Walter Dnes <waltdnes@××××××××.org> In linux /sbin/init is Job #1 |
31 |
Q. Mr. Ghandi, what do you think of Microsoft security? |
32 |
A. I think it would be a good idea. |
33 |
-- |
34 |
gentoo-user@g.o mailing list |