From owner-freebsd-security  Tue Jun  6  3:39:17 2000
Delivered-To: freebsd-security@freebsd.org
Received: from aurora.scoop.co.nz (aurora.scoop.co.nz [203.96.152.68])
	by hub.freebsd.org (Postfix) with ESMTP id 0DC2A37B517
	for <freebsd-security@FreeBSD.ORG>; Tue,  6 Jun 2000 03:39:13 -0700 (PDT)
	(envelope-from andrew@scoop.co.nz)
Received: from localhost (localhost [127.0.0.1])
	by aurora.scoop.co.nz (8.9.3/8.9.3) with SMTP id WAA09076;
	Tue, 6 Jun 2000 22:38:37 +1200 (NZST)
Date: Tue, 6 Jun 2000 22:38:37 +1200 (NZST)
From: Andrew McNaughton <andrew@scoop.co.nz>
Reply-To: andrew@scoop.co.nz
To: Matt Heckaman <matt@ARPA.MAIL.NET>
Cc: Brett Glass <brett@lariat.org>,
	Matthew Dillon <dillon@apollo.backplane.com>,
	Mike Tancsa <mike@sentex.ca>, freebsd-security@FreeBSD.ORG
Subject: Re: FreeBSDDEATH.c.txt (mmap dirty page no check bug)
In-Reply-To: <Pine.BSF.4.21.0006021647100.10651-100000@epsilon.lucida.qc.ca>
Message-ID: <Pine.BSF.3.96.1000606222934.9047A-100000@aurora.scoop.co.nz>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Fri, 2 Jun 2000, Matt Heckaman wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Fri, 2 Jun 2000, Brett Glass wrote:
> [...]
> : An interesting related point: By default, the current sysinstall doesn't
> : create a separate /tmp. It leaves /tmp as a directory in the rather small
> : root partition. An action as simple as downloading a large file via Lynx
> : (which downloads to /tmp and then moves files to a destination) is
> : enough to overflow the root partition.
> 
> I would like to see a system where it choose defaults based on two
> classes, we'll call them "workstation" and "server" for the purpose of
> this discussion. The defaults now are fairly decent for a workstation with
> the addition of /tmp mentioned herein.
> 
> However, I've see alot of people new to FreeBSD get bit HARD by those
> defaults especially in any system that delivers e-mail to /var/mail. The
> default for /var is horribly low, I never did understand that myself. It
> would be nice to say "are you are server or workstation" and then spit out
> some better default variables based on the answer.

Perhaps more to the point, there should be a little more information
available at the time about what the implications of the options are.

A 'server' option built for a machine where lots of users have shell
accounts and mail (big /var and /tmp) is going to be quite inappropriate
for a typical dedicated webserver.

Absence of /tmp is a pretty major oversight for any machine.  Putting it
on the root partition is doubly so.  If there's no sepsrate partition it
should at least be an alias to /var/tmp or something of the sort. 




--
Andrew
McNaughton andrew@squiz.co.nz




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message