From owner-freebsd-questions Tue Jan 7 14:57:25 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 24FC937B401 for ; Tue, 7 Jan 2003 14:57:24 -0800 (PST) Received: from mired.org (ip68-97-54-220.ok.ok.cox.net [68.97.54.220]) by mx1.FreeBSD.org (Postfix) with SMTP id 3F94443ED1 for ; Tue, 7 Jan 2003 14:57:23 -0800 (PST) (envelope-from mwm-dated-1042412242.f6ac49@mired.org) Received: (qmail 1882 invoked from network); 7 Jan 2003 22:57:22 -0000 Received: from localhost.mired.org (HELO guru.mired.org) (127.0.0.1) by localhost.mired.org with SMTP; 7 Jan 2003 22:57:22 -0000 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <15899.23377.600763.752730@guru.mired.org> Date: Tue, 7 Jan 2003 16:57:21 -0600 To: Andrew Prewett Cc: freebsd-questions@FreeBSD.ORG Subject: Data vulnerability (Was: security vulnerability in dump) In-Reply-To: <20030107230749.F83991@slave.east.ath.cx> References: <200301071548.H07FM0J93369@asarian-host.net> <20030107183359.A51290@slave.east.ath.cx> <877kdgvjub.fsf@pooh.honeypot.net> <20030107211007.L86665@slave.east.ath.cx> <15899.18601.253736.141278@guru.mired.org> <20030107230749.F83991@slave.east.ath.cx> X-Mailer: VM 7.07 under 21.1 (patch 14) "Cuyahoga Valley" XEmacs Lucid X-face: "5Mnwy%?j>IIV\)A=):rjWL~NB2aH[}Yq8Z=u~vJ`"(,&SiLvbbz2W`; h9L,Yg`+vb1>RG% *h+%X^n0EZd>TM8_IB;a8F?(Fb"lw'IgCoyM.[Lg#r\ From: Mike Meyer X-Delivery-Agent: TMDA/0.67 (Whirlaway) Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG In <20030107230749.F83991@slave.east.ath.cx>, Andrew Prewett typed: > Today Mike Meyer wrote: > > In <20030107211007.L86665@slave.east.ath.cx>, Andrew Prewett typed: > > > Today Kirk Strauser wrote: > > > > At 2003-01-07T17:35:49Z, Andrew Prewett writes: > > > > > Normally the master.passwd is backed up regularly by cron (/var/backups), > > > > > so maybe no need to backup it again. > > > > Were you joking? Surely you're not implying that there's no need to copy > > > > the data to tape (which is the most common use for dump) since it now exists > > > > in two places on the same hard drive - are you? > > > If /etc and /var are on the same HD, then it's not a production > > > machine or the setup is simly wrong. > > It may not be a machine you'd want to use for what you use production > > machines for, but there are a fair number of production uses where you > > only have one hd, or where having /var and /etc on the same file > > system are acceptable. > Yes, it depends. Sure, if it's not a home pc, then backup is a must, > regardless how many hd's are in the machine. But I wouldn't put / and /var > on the same fs, even on my home pc. Even if it *is* a home pc, backup is a must. Any backup that sits on the same machine is pretty much irrelevant. Sitting on the same disk is just a worse case of irrelevant. The daily backups of /etc/whatever are at best a convenience, and nobody competent would depend on them as the sole backup of those files. Personally, I may have as many as six current copies of the files in /etc: The one in /etc, the system backup in /var, the copy I store in perforce, and the backups of each of those. I keep / and /var on the same fs on my two of my home machine. That's because nothing crucial is going on on /var, and they both get the same treatment for backups. For the non-production machine, it's storage of the files I touch in perforce. For the machine that sits on my desktop, it's a daily backup of the root file system, with weekly backups that go offsite. There's no universally applicable reason to put /var on a separate file system. Various reasons may apply to any given production system, and one or more probably apply to most. But just because you've never encountered a machine that one of those reasons didn't apply to doesn't mean that such machines don't exist. http://www.mired.org/consulting.html Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message