On Wed, Sep 05, 2007 at 08:56:09AM +0200, Alan McKinnon wrote > How is this better than a 500G filesystem mounted at /?
Try wiping the OS and re-installing (or installing a different distro for that matter) with "a 500G filesystem mounted at /"... without backing up your data and restoring afterwards. With my setup, wipe all files in the /partition and in the bindmounted directories, leaving the empty directories, and do the install. > 2. Please explain in detail how you will create a 4TB file system > without LVM. This is NOT an edge case, this is a very real situation > that occurs in data centres daily. I repeat again, I was talking about a 500 gig system on a home machine. I acknowledge that one size does not fit all, and an average home machine solution does not necessarily work in a data centre. > 3. Take your proposal and explain to me in detail how you will > prevent a backdoor or trojan from installing and executing scripts > in /tmp and /var. Considering the massive problem that Windows has > caused the world through an inability to do this, I would say this > is a very important thing to be able to. If a trojan can install stuff in a directory owned by root, it's already too late. And remember that a regular user account can run mail to send spam, or ping or DNS lookups to take part in DDOS attacks. -- Walter Dnes <[EMAIL PROTECTED]> In linux /sbin/init is Job #1 Q. Mr. Ghandi, what do you think of Microsoft security? A. I think it would be a good idea. -- [EMAIL PROTECTED] mailing list