Bonehead Move, noexec
Scott van Looy
scott at ethosuk.org.uk
Fri Feb 16 16:35:58 UTC 2007
Today Andy Green did spake thusly:
> Ulrich Drepper wrote:
>
> Hi Ulrich -
>
>> Try that on a rawhide system. There was a kernel bad which Linus
>> finally fixed in the 2.6.19 (or .20?) kernels.
>
> It isn't "fixed" on the current FC6 2.6.19 kernel FWIW.
>
>> Partitions are terribly useful. There several useful mount flags:
>>
>> noatime, noexec, nodev, nosuid
> ...
>> If anything, people should use more partitions, not less.
>
> Why should fracturing your storage like a broken mirror have anything to do
> with application of what are basically ACLs. Why is smashing the mirror into
> more smaller pieces any kind of good idea. Partitions in the sense of
> reserving chunks of storage can only mean that you mismanage your storage in
> one section or another and run short. The only situation that is optimal is
> everything sharing a single allocation. It seems to me it is another "bad"
> that in order to get the granular ACL benefits you mention, for some reason
> you currently have to use a stupid static reservation scheme.
If you have a runaway process that randomly creates a massive log on /var
it won't hose the system.
Same for /tmp
If you decide to add another drive it's very easy.
If you wish to only allocate x amount of space to /home and be warned when
you're running out of space it's also trivial.
It's easy to add another drive and move the partition.
It's far easier to do a clean install and keep all your data in your /home
partition (for upgrades or if you're rooted)
In my case, I triple boot XP, Vista and FC6, I have a seperate partition
for data that's writeable by all three OSen
Mostly, in my server, I have one partition per drive, as I'd not trust
something like lvm not to eat all my data by mistake after an update...
--
Scott van Looy - email:me at ethosuk.org.uk | web:www.ethosuk.org.uk
site:www.freakcity.net - the in place for outcasts since 2003
PGP Fingerprint: 7180 5543 C6C4 747B 7E74 802C 7CF9 E526 44D9 D4A7
-------------------------------------------
|/// /// /// /// WIDE LOAD /// /// /// ///|
-------------------------------------------
A person with one watch knows what time it is; a person with two watches is
never sure. Proverb
More information about the fedora-list
mailing list