Help Net Security: Securing Linux
May 16, 2002, 20:30 (0 Talkback[s])
(Other stories by Aleksandar Stancin)
[ Thanks to LogError for this link.
"Good partitioning does a lot of good to your system's security
as it greatly simplifies your admin duties in case of a system
crash and data recovery. You can create various partitions, and
have them set as read-only, nosuid or similar. By having a
partition mounted as nosuid you can simply address the SUID issue,
generally connected to buffer overflows and obtaining a root shell
or some other possibile security compromising flaws. More about the
SUID issue can be read here . If you plan to run an FTP server,
setting that partition would save you a lot of trouble in the
future, as it is in read-write mode, but no suid programs can be
run from it. Same can be said for mounting a partition read-only,
or ro. You can always alter these settings, wich are located in
/etc/fstab, for any of your block devices. Of course, 'man
fstab(5)' and 'man mount(8)' are your good friends to get a grip
with all possible options when mounting a filesystem. /etc/fstab is
human readable, so you'll easy get into it.
"Generally speaking, putting linux, or any other OS on a single
partition is a major administration no-no, and with any multiuser,
multitasking os, is asking for trouble, sooner or later..."