From owner-freebsd-questions@freebsd.org Wed Sep 16 01:34:48 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 705DD3E93CE for ; Wed, 16 Sep 2020 01:34:48 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: from kicp.uchicago.edu (kicp.uchicago.edu [128.135.20.70]) by mx1.freebsd.org (Postfix) with ESMTP id 4BrjMC3Vk2z41X3 for ; Wed, 16 Sep 2020 01:34:47 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: from [192.168.43.231] (unknown [172.58.142.184]) (Authenticated sender: galtsev) by kicp.uchicago.edu (Postfix) with ESMTPSA id 044F14E687; Tue, 15 Sep 2020 20:27:47 -0500 (CDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.1\)) Subject: Re: partitioning server with 2 hard drives From: Valeri Galtsev In-Reply-To: <20200916002606.52725f1d.freebsd@edvax.de> Date: Tue, 15 Sep 2020 20:27:46 -0500 Cc: Marwan Sultan , FreeBSD Questions Content-Transfer-Encoding: quoted-printable Message-Id: <85AD0AAF-37AE-42C9-BD62-B65398A3A107@kicp.uchicago.edu> References: <20200916002606.52725f1d.freebsd@edvax.de> To: Polytropon X-Mailer: Apple Mail (2.3608.120.23.2.1) X-Rspamd-Queue-Id: 4BrjMC3Vk2z41X3 X-Spamd-Bar: +++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=fail reason="No valid SPF, No valid DKIM" header.from=uchicago.edu (policy=none); spf=none (mx1.freebsd.org: domain of galtsev@kicp.uchicago.edu has no SPF policy when checking 128.135.20.70) smtp.mailfrom=galtsev@kicp.uchicago.edu X-Spamd-Result: default: False [3.91 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; DMARC_POLICY_SOFTFAIL(0.10)[uchicago.edu : No valid SPF, No valid DKIM,none]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; MV_CASE(0.50)[]; RECEIVED_SPAMHAUS_XBL(5.00)[172.58.142.184:received]; MIME_GOOD(-0.10)[text/plain]; NEURAL_HAM_LONG(-0.88)[-0.876]; GREYLIST(0.00)[pass,body]; RECEIVED_SPAMHAUS_PBL(0.00)[172.58.142.184:received]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; NEURAL_HAM_SHORT(-0.15)[-0.153]; NEURAL_HAM_MEDIUM(-0.66)[-0.659]; R_SPF_NA(0.00)[no SPF record]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:160, ipnet:128.135.0.0/16, country:US]; FREEMAIL_CC(0.00)[hotmail.com,freebsd.org]; MAILMAN_DEST(0.00)[freebsd-questions]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Sep 2020 01:34:48 -0000 > On Sep 15, 2020, at 5:26 PM, Polytropon wrote: >=20 >=20 > For /tmp, as well as any partition where user-controlled files can > be placed, it has been correctly suggested to use specific mount > options such as "noexec" and "nosuid" When I joined this advise I forgot one case that bit me in the past when = I made /tmp =E2=80=9Cnoexec=E2=80=9D. Open Office (by Sun Microsystems). = That beast (java based, BTW) when user starts it was creating executable = for that specific user in /tmp, then started that executable. With all = due respect to Sun and all good they have done/made, that was what = really set me off. I do not know if Libre Office does similar thing = though=E2=80=A6 Valeri > . You can immediately see the > advantage of such per-partition settings. ;-) >=20 >=20 > --=20 > Polytropon > Magdeburg, Germany > Happy FreeBSD user since 4.0 > Andra moi ennepe, Mousa, ... > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to = "freebsd-questions-unsubscribe@freebsd.org"