From owner-freebsd-questions@FreeBSD.ORG Fri Feb 11 21:35:17 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4D78916A4CF for ; Fri, 11 Feb 2005 21:35:17 +0000 (GMT) Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.193]) by mx1.FreeBSD.org (Postfix) with ESMTP id C8E8B43D2F for ; Fri, 11 Feb 2005 21:35:16 +0000 (GMT) (envelope-from cmorland@gmail.com) Received: by wproxy.gmail.com with SMTP id 58so1547475wri for ; Fri, 11 Feb 2005 13:35:16 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=NFGrwRMkfRcqqASwSTCR9+XZcGzu5nCGHR0uLfORBiRpx46uw6kmC2JBiUjdJXrHQ5BX05qy9XfLT4crkkrhyJHOLhRhRp3OdtQxAU98qSTVf6vJWL2hWwo4zLgCzzAm9pfN/sGtYPLJTCAUb97gR6AmeofZaf7jISMtJAZGYCk= Received: by 10.54.14.3 with SMTP id 3mr296319wrn; Fri, 11 Feb 2005 13:35:15 -0800 (PST) Received: by 10.54.28.49 with HTTP; Fri, 11 Feb 2005 13:35:15 -0800 (PST) Message-ID: <8ca9329050211133536f3aa16@mail.gmail.com> Date: Fri, 11 Feb 2005 16:35:15 -0500 From: Chad Morland To: Oliver Leitner In-Reply-To: <20050211211950.200B643D1D@mx1.FreeBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit References: <8ca932905021112136ad00369@mail.gmail.com> <20050211211950.200B643D1D@mx1.FreeBSD.org> cc: freebsd-questions@freebsd.org Subject: Re: /tmp on same partition as / X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Chad Morland List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Feb 2005 21:35:17 -0000 Thanks for the responses. I do have a firewall in place and the only open port to the public is 25 which is qmail. I think I'll take your considerations to heart and rebuild the box with its own /tmp partition with noexec. I should have done that in the first place. Thankfully it is not yet in production so its no biggie. -CM On Fri, 11 Feb 2005 22:14:19 +0100, Oliver Leitner wrote: > well, its ok to have /tmp on the same partition as /, as long as other > security measurements work, for example a tripwire setup and logging user > actions of any kind, also having an overview over the logs. > > as long as these work, and you take care whats going on on the box, it does > not really matter where /tmp resides. > > On Friday 11 February 2005 21:13, Chad Morland wrote: > > I'm setting up a mail server at the momment, one of the things that I > > forgot to do was create /tmp as a separate partiton (/ = 2gb). There > > will be no user logins to the machine aside from admins and the only > > thing that it will run is qmail acting as a smarthost (vanilla qmail, > > no amavis or anything of the sort.) > > > > In your opinion is having /tmp on the same partition as / really THAT > > bad in this case? I'm just wondering cause some people have mentioned > > that its a major security risk. Really, I don't think it is for what > > this box is doing. > > > > -CM > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > > "freebsd-questions-unsubscribe@freebsd.org" > > -- > By reading this mail you agree to the following: > > using or giving out the email address and any > other info of the author of this email is strictly forbidden. > By acting against this agreement the author of this mail > will take possible legal actions against the abuse. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >