You are correct about security being handled at the file level, but you are
incorrect about partitioning not aiding security. If you have a web server
and you partition the HD, putting the OS on one partition, and the web
server and content on the other partition, you can help prevent access to
your system files. Nowadays with security being a top priority, it is best
to use all methods possible to secure your systems. Short of using Deny
Everyone for Full Control on system files, there is probably no way to
ensure your system files are completely secure. And besides the security
issue here, it is nice to organize things, so that administration is easier,
and it is also easier to pass the tasks on to someone else. If I know that
my sql files go one my d: drive, web content on the e: drive, etc, etc, I
and anyone who does the job in the future will have a much easier time.
Also, say in the future I decide I really need a separate machine for the
SQL server, or if I want to switch from say IIS to Apache, I can just
uninstall, and then format the partition, and reuse it. If I have one big
partition, I either have to clear off EVERYTHING and start again from
scratch, or I have to try to uninstall the SQL/IIS server, along with all
the data, registry entries, backups etc, which we know will not be a clean,
non-problematic uninstall.
Partitioning is definitely the way to go, I doubt you will ever find an
Enterprise where the OS is on the same partition/drive as the web server and
content.
TN.
-----Original Message-----
From: Benjamin S. Rogers [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 24, 2001 7:07 AM
To: CF-Server
Subject: RE: New Server...
> Keeping your OS on a separate partition from your web content is a good
> thing to do from a security standpoint.
Why? As I mentioned in another response, security is handled at the file
system level, not at the partition level.
Benjamin S. Rogers
Web Developer, c4.net
Voice: (508) 240-0051
Fax: (508) 240-0057
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
------------------------------------------------------------------------------
To unsubscribe, send a message to [EMAIL PROTECTED] with
'unsubscribe' in the body or visit the list page at www.houseoffusion.com
