| 1 |
On Wed, Sep 05, 2007 at 08:56:09AM +0200, Alan McKinnon wrote |
| 2 |
|
| 3 |
> How is this better than a 500G filesystem mounted at /? |
| 4 |
|
| 5 |
Try wiping the OS and re-installing (or installing a different distro |
| 6 |
for that matter) with "a 500G filesystem mounted at /"... without |
| 7 |
backing up your data and restoring afterwards. With my setup, wipe all |
| 8 |
files in the /partition and in the bindmounted directories, leaving the |
| 9 |
empty directories, and do the install. |
| 10 |
|
| 11 |
> 2. Please explain in detail how you will create a 4TB file system |
| 12 |
> without LVM. This is NOT an edge case, this is a very real situation |
| 13 |
> that occurs in data centres daily. |
| 14 |
|
| 15 |
I repeat again, I was talking about a 500 gig system on a home |
| 16 |
machine. I acknowledge that one size does not fit all, and an average |
| 17 |
home machine solution does not necessarily work in a data centre. |
| 18 |
|
| 19 |
> 3. Take your proposal and explain to me in detail how you will |
| 20 |
> prevent a backdoor or trojan from installing and executing scripts |
| 21 |
> in /tmp and /var. Considering the massive problem that Windows has |
| 22 |
> caused the world through an inability to do this, I would say this |
| 23 |
> is a very important thing to be able to. |
| 24 |
|
| 25 |
If a trojan can install stuff in a directory owned by root, it's |
| 26 |
already too late. And remember that a regular user account can run mail |
| 27 |
to send spam, or ping or DNS lookups to take part in DDOS attacks. |
| 28 |
|
| 29 |
-- |
| 30 |
Walter Dnes <waltdnes@××××××××.org> In linux /sbin/init is Job #1 |
| 31 |
Q. Mr. Ghandi, what do you think of Microsoft security? |
| 32 |
A. I think it would be a good idea. |
| 33 |
-- |
| 34 |
gentoo-user@g.o mailing list |
Archives