Fedora 9 and Security

[Bill Davidsen]

Amadeus W.M. wrote:
> On Thu, 29 May 2008 01:02:12 +0100, Alan Cox wrote:
> 
>>>> Because the answer in 99.99% cases is "uh ??"
>>>>
>>>>
>>> Or: "OK, let me chose the default".
>> Why even ask the question - if you know what you are doing you can
>> change it later on.
> 
> 
> What if you don't know what you're doing, but simply do not want the newly 
> introduced feature X for whatever reason? 
> 
>> We don't go around asking
>>
>> Preferred Emailer
>> What inode size should we use on ext3 Adjust raid readahead
>>
>>
>> so why ask about what to most users are internal details about how we
>> make sure their data reappears next reboot ?
>>
> 
> Where do you draw the line? Is "which ports do you want to open in the 
> firewall" less technical? Is creating custom partitions less technical? 
> How about package selection? We do have a choice there (for now). 
> 
> Incidentally and for my own understanding: I am able to mount/umount 
> /dev/sdaX and such, if I wanted to, so the system can and does know the 
> partitions by labels. Why do I have to see the UUID garbage in /etc/fstab 
> though? This is not a rant, it's an actual question. 
> 
The system does not know partitions by label. Partitions don't have 
labels (unless they're elements of an md array and have something in the 
superblock). Partitions have device names, but they can change, drives 
are named by the order of detection. So you can't always count on the 
device name.

Filesystems have labels, and unlike partition device names or UUIDs, 
they need not be unique, so two installs on different drives or 
partitions can leave you with two filesystems names "/".

Only the UUID is (a) not going to change and (b) not going to be 
duplicated by anything like normal system operation. It is therefore the 
least likely to lead to an unwanted learning experience.

-- 
Bill Davidsen <davidsen at tmr.com>
   "We have more to fear from the bungling of the incompetent than from
the machinations of the wicked."  - from Slashdot