If you're the paranoid type, making a 100mb partition for /boot and mounting that read-only(or not mounting it at all)(after the install) is not a bad idea....
On 6/4/07, Ralph Shumaker <[EMAIL PROTECTED]> wrote:
What parts of the filing system need to be mounted read-write? Which parts don't? Stewart has mentioned that he's thinks it's a good idea to mount /etc and /sbin as read-only and /home so it's noexec (whatever that means). http://www.kernel-panic.org/pipermail/kplug-list/2005-April/077240.html But he also listed files in /etc that get modified, so maybe it's not a good idea to make that read-only? http://www.kernel-panic.org/pipermail/kplug-list/2002-March/047593.html I sometimes leave my dialup modem connected or sometimes am surfing or downloading for long periods of time. I know that exploits are continually being found. How can I guard against it? I'm about to install fc7 to multiboot with fc4 and I need to restructure my partitions. I have plenty of free space on my HD[1]. I don't just want to chop it up and run along. I'd like to think about partitioning smarter. Apparently, even though LVM makes it easier to span partitions and change them, it's still not an easy task. [1] Originally I had hoped to use the space for MythTV but never got around to it. If I ever do, I'll then add a newer bigger drive for it. -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
-- Nicholas Wheeler Systems Administrator Development InfoStructure -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
