Site Navigation

Date:      Tue, 01 Aug 2006 17:25:45 +0200
From:      =?ISO-8859-1?Q?Erik_N=F8rgaard?= <norgaard@locolomo.org>
To:        Freminlins <freminlins@gmail.com>
Cc:        freebsd-questions@freebsd.org, Tyler Spivey <tspivey@pcdesk.net>
Subject:   Re: switching from linux to freebsd
Message-ID:  <44CF7279.5040504@locolomo.org>
In-Reply-To: <eeef1a4c0608010518x28f5d82bw416dff78a99a603f@mail.gmail.com>
References:  <20060801053719.GA6735@fast> <44CEF9EB.3080807@locolomo.org> <eeef1a4c0608010518x28f5d82bw416dff78a99a603f@mail.gmail.com>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

[-- Attachment #1 --]
Freminlins wrote:
> On 01/08/06, *Erik Norgaard* <norgaard@locolomo.org
> <mailto:norgaard@locolomo.org>> wrote:
>  
> 
>     you may
>     even want to mount it read-only for security. (I think these are good
>     advises on any system).
> 
> 
> I used to agree with this (specifically the mantra was "mount /usr read
> only") - until I tried to patch anything! Then it's useless.

You usually don't patch up your system everyday. Remount rw do the
patching and remount ro. The problem is more that some 3rd party
applications assume that /usr is writeable. I found the problem more
annoying with / whenever I need to change some system file.

However, most important is to have /tmp on a separate partition. Then
there will only be few writes on /.

> What you end up with is a machine which in which the base install is
> more secure, but all your data isn't. The base install is the one thing
> I know I can get back (i.e. reinstall) in 5 minutes. The data I cannot.

I think it is very valuable to get the system up so I can rescue my
data. Having base system go down along with my data doesn't seem to have
any clear advantages.

Mounting / and/or /usr ro will get your systems up faster and that
seemed to be the issue.

Cheers, Erik
-- 
Ph: +34.666334818                      web: http://www.locolomo.org
X.509 Certificate: http://www.locolomo.org/crt/8D03551FFCE04F0C.crt
Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9

[-- Attachment #2 --]
0�	*�H��

��0�

10	+0�	*�H��


���0��0�נ
	�U��O0
	*�H��


0��10	UES10U
Daemon Security10UCertificate Authority10UCertificate Authority1$0"	*�H��

	
ca@daemonsecurity.com1
0U
00
060420131650Z
070420131650Z0b10	UES10U
LocoLomo.Org10U
Erik Norgaard1$0"	*�H��

	
norgaard@locolomo.org0�
"0
	*�H��



�
0�

�

��>NP�L�G�MK��	�$��������^h�a~���
�	��Xם-���`������Y^�P��
o�œtƥ�*\�.��e��_�!���2\��j]m)B����>��v+�����z�������2�V���f���D�ѝ��R}Tc�&E/#_.9DŽ9��÷�(3	?�ԝWu��%)���v�ŅͯT��r)F����A+�(�R6ƶ��w��
��{�9z�P_���Q��^z��pk/���jX��MY

��
n0�
j0U

�0
0U�0Uiy�,��]�ñtb�?�i�0��U#��0�À�a�&��W�t��Е�na=⥡�����0��10	UES10U
Daemon Security10UCertificate Authority10UCertificate Authority1$0"	*�H��

	
ca@daemonsecurity.com1
0U
0�	�U��O
0 U0�norgaard@locolomo.org08U10/0-�+�)�'http://www.daemonsecurity.com/ca/ds.crl0
	*�H��


�
ǟ@��&<m��Wc�4L��S�@�G�4[�'s��5��\�\V��N^`�I
���&>�"@���>"[���xq�8��9��`���@�sG��;��L��P���]ƜTT|sGٶ2����Ҋct�x?'ҭ�$0�����r�;2#b�a�"�%$B
�p%�rԆU
����ì>�!7���3ȁ����g��6�_���I.2��Ġ��!����A���a�AmF
G'bךu�f���>-�d��x��qq0�9#XO�Sk+F�uy��T����v����r�+p!�!}��n.6N�H'�5�
�+9���`CV�ĩ�;7R��ߔ�R���K���Ip��v&��S@P`��;%e��ƓxCu�iL�	��Cb���
�Y,�
)x��:3�ѓG���j���Re
���E��tP��Ұ�k<�
c\;�9��p���T���9/K̩�� �LH��z�M�Mu��ʔ
(�dks�kj����<ds08P�xZ
���N��WC�0��0�נ
	�U��O0
	*�H��


0��10	UES10U
Daemon Security10UCertificate Authority10UCertificate Authority1$0"	*�H��

	
ca@daemonsecurity.com1
0U
00
060420131650Z
070420131650Z0b10	UES10U
LocoLomo.Org10U
Erik Norgaard1$0"	*�H��

	
norgaard@locolomo.org0�
"0
	*�H��



�
0�

�

��>NP�L�G�MK��	�$��������^h�a~���
�	��Xם-���`������Y^�P��
o�œtƥ�*\�.��e��_�!���2\��j]m)B����>��v+�����z�������2�V���f���D�ѝ��R}Tc�&E/#_.9DŽ9��÷�(3	?�ԝWu��%)���v�ŅͯT��r)F����A+�(�R6ƶ��w��
��{�9z�P_���Q��^z��pk/���jX��MY

��
n0�
j0U

�0
0U�0Uiy�,��]�ñtb�?�i�0��U#��0�À�a�&��W�t��Е�na=⥡�����0��10	UES10U
Daemon Security10UCertificate Authority10UCertificate Authority1$0"	*�H��

	
ca@daemonsecurity.com1
0U
0�	�U��O
0 U0�norgaard@locolomo.org08U10/0-�+�)�'http://www.daemonsecurity.com/ca/ds.crl0
	*�H��


�
ǟ@��&<m��Wc�4L��S�@�G�4[�'s��5��\�\V��N^`�I
���&>�"@���>"[���xq�8��9��`���@�sG��;��L��P���]ƜTT|sGٶ2����Ҋct�x?'ҭ�$0�����r�;2#b�a�"�%$B
�p%�rԆU
����ì>�!7���3ȁ����g��6�_���I.2��Ġ��!����A���a�AmF
G'bךu�f���>-�d��x��qq0�9#XO�Sk+F�uy��T����v����r�+p!�!}��n.6N�H'�5�
�+9���`CV�ĩ�;7R��ߔ�R���K���Ip��v&��S@P`��;%e��ƓxCu�iL�	��Cb���
�Y,�
)x��:3�ѓG���j���Re
���E��tP��Ұ�k<�
c\;�9��p���T���9/K̩�� �LH��z�M�Mu��ʔ
(�dks�kj����<ds08P�xZ
���N��WC�1��0��

0��0��10	UES10U
Daemon Security10UCertificate Authority10UCertificate Authority1$0"	*�H��

	
ca@daemonsecurity.com1
0U
0	�U��O0	+��)0	*�H��

	1	*�H��


0	*�H��

	1
060801152545Z0#	*�H��

	1rv.�GN�	ڟ�?�'��G0R	*�H��

	1E0C0
*�H��
0*�H��
�0
*�H��

@0+0
*�H��

(0��	+

�71��0��0��10	UES10U
Daemon Security10UCertificate Authority10UCertificate Authority1$0"	*�H��

	
ca@daemonsecurity.com1
0U
0	�U��O0��*�H��

	1�����0��10	UES10U
Daemon Security10UCertificate Authority10UCertificate Authority1$0"	*�H��

	
ca@daemonsecurity.com1
0U
0	�U��O0
	*�H��



�

."=#�R��x�/�ӎ�y�ݭ��X����L�~�:���(��%gm�qC&�U�7�����
*�����ݵb�lA��T�_q�'�[τr���"��v�F�ϯ���j���H����T6?��0�ض}�m@�_uI�_���FDQK7��e�_t	+X��V?Z�!2��rj��O�4��N��GN_i#i7�	:�l<�b���z������i\)[����"�g�^�^��j�y3�}|�M���?7

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44CF7279.5040504>

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact