From owner-freebsd-security  Tue Feb 26 15:39:23 2002
Delivered-To: freebsd-security@freebsd.org
Received: from roble.com (mx0.roble.com [206.40.34.14])
	by hub.freebsd.org (Postfix) with ESMTP id 559FD37B43D
	for <security@FreeBSD.ORG>; Tue, 26 Feb 2002 15:39:06 -0800 (PST)
Received: from localhost (marquis@localhost)
	by roble.com  with ESMTP id g1QNd5R26215
	for <security@FreeBSD.ORG>; Tue, 26 Feb 2002 15:39:05 -0800 (PST)
Date: Tue, 26 Feb 2002 15:39:05 -0800 (PST)
From: Roger Marquis <marquis@roble.com>
To: security@FreeBSD.ORG
Subject: Re: Third /tmp location ? (and maybe a fourth too)
In-Reply-To: <20020226182434.B45921@cowbert.2y.net>
Message-ID: <20020226152847.L25859-100000@roble.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

> > File system full errors are typically caused by unnecessary
> > partitioning.  You rarely see them on single-partition systems.
> > Creating symlinks or additional tmp directories to avoid the
> > inevitable drawback of excess partitions is two bads, which don't
> > sum to a good.  Both also violate the KIS principle.
>
> Unfortunately, as demonstrated in another reply,
> the optimal partition scheme (/, /usr, /var) is
> preferred over single partition schemes.

Preferred by who?  Not by the majority of admins I've worked with
over the past couple of decades.  Neither is there any real gain
afforded by a read-only /usr.  /usr had to be partitioned years
ago because it wouldn't fit on the root disk.  With the introduction
of 1GB disks there is no longer a good reason to partition /usr
though some still rationalize the practice citing unsubstantiated
benefits of read-only mounts vs read-only permissions.

Creating a partition for /var is also rarely necessary unless your
applications require partitioning for performance , pseudo-quotas,
or they need more disk than the root volume provides.

-- 
Roger Marquis
Roble Systems Consulting
http://www.roble.com/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message