Date: Thu, 6 Sep 2001 05:12:07 -0400 From: Andrew J Caines <A.J.Caines@halplant.com> To: freebsd-security@freebsd.org Subject: Re: Good practice for /tmp Message-ID: <20010906051207.O55388@hal9000.servehttp.com> In-Reply-To: <20010906094931.B30676@cartman.private.techsupport.co.uk>; from ceri@techsupport.co.uk on Thu, Sep 06, 2001 at 09:49:31AM %2B0100 References: <craig@allmaui.com> <20010904221809.B57312B@usul.nersc.gov> <20010905183015.A824@hades.hell.gr> <20010906094931.B30676@cartman.private.techsupport.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
Ceri, > > From: Eli Dart <dart@nersc.gov> > > Mount /tmp then as MFS with a limited size. Works nicely, for me. > > **boggle** Not at all boggling. It's as simple as possible. /dev/ad0s1b /tmp mfs rw,async,noatime,-s=32768 0 0 > Swap mounted on an MFS /tmp ?? > > **shudder** No, that's the noise you hear when your program is trying to do fast small I/O on your disk. With an mfs, it's more a smooth hum. Working on the well-established premise that /tmp is is for small, short-lived, non-persistent files with fast I/O and that /var/tmp (which at times and places used to sometimes be /usr/tmp) is for a shared persistent storage area for temporary files, /tmp on mfs/md and /var/tmp on disk works perfectly. Solaris does this by default, although it foolishly makes the whole VM available for storage for all users. FreeBSD errs on the side of simple conservatism out-of-the-box while allowing a bucketful of features. What makes you uncomfortable? -Andrew- -- ______________________________________________________________________ | -Andrew J. Caines- Unix Systems Engineer A.J.Caines@halplant.com | To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010906051207.O55388>