/tmp on same partition as /
cmorland at gmail.com
Fri Feb 11 21:35:17 GMT 2005
Thanks for the responses. I do have a firewall in place and the only
open port to the public is 25 which is qmail. I think I'll take your
considerations to heart and rebuild the box with its own /tmp
partition with noexec. I should have done that in the first place.
Thankfully it is not yet in production so its no biggie.
On Fri, 11 Feb 2005 22:14:19 +0100, Oliver Leitner <Shadow333 at gmx.at> wrote:
> well, its ok to have /tmp on the same partition as /, as long as other
> security measurements work, for example a tripwire setup and logging user
> actions of any kind, also having an overview over the logs.
> as long as these work, and you take care whats going on on the box, it does
> not really matter where /tmp resides.
> On Friday 11 February 2005 21:13, Chad Morland wrote:
> > I'm setting up a mail server at the momment, one of the things that I
> > forgot to do was create /tmp as a separate partiton (/ = 2gb). There
> > will be no user logins to the machine aside from admins and the only
> > thing that it will run is qmail acting as a smarthost (vanilla qmail,
> > no amavis or anything of the sort.)
> > In your opinion is having /tmp on the same partition as / really THAT
> > bad in this case? I'm just wondering cause some people have mentioned
> > that its a major security risk. Really, I don't think it is for what
> > this box is doing.
> > -CM
> > _______________________________________________
> > freebsd-questions at freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to
> > "freebsd-questions-unsubscribe at freebsd.org"
> By reading this mail you agree to the following:
> using or giving out the email address and any
> other info of the author of this email is strictly forbidden.
> By acting against this agreement the author of this mail
> will take possible legal actions against the abuse.
> freebsd-questions at freebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions