> > > Is that a relic to when hard drives were 6MB > and you had to > > > worry about logs filling up your user space? > > > > Mostly a relic, yes. It was done mostly to help > prevent / from > > filling up. > > Seems to me having one pool of free space rather than > n>1 pools wouuld be better for this in almost all > instances. Is there a reason for preferring / to have > space even when /tmp or /var is full? > > > > > > Is something else I should be thinking about? > > Hacking linux exposed recommends the multiple > partition thing so that partitions that are fairly > static can be mounted as read only during ordinary > use. So they have to be on separate partitions from > things that change often, and especially from /tmp > which must be writable by everyone. HLE doesn't like > the idea of having something world writable on the > same partition as anything valuable/hackable, I forget > why. Somehow having them on the same partition makes > things a bit more vulnerable (links maybe?). > > Of course if an intruder gets root he can remount the > sensitive partitions as RW, but supposedly this > approach cuts off some paths to cracking root in the > first place.
Makes sense that what it takes to boot the system into a state that allows you to fix a problem should be read only execpt for root. Like you siad, if they get the root password the battle is lost and you better have good backups. Is HLE a good book? I don't think I saw it at Borders. -Matt
