Add new comment

Want to support HowtoForge? Become a subscriber!
Aieee!! It's all in one partition!
Submitted by Anonymous (not registered) on Wed, 2006-02-22 23:40.
Don't put a general purpose Web server in one big partition! Consider disaster recovery. If you get rooted, you might want to replace root and /usr but leave /var. To avoid getting rooted, you might want to mount noexec any directory Apache can write in. Make a partition for /tmp, /var/tmp, Squirrel Mail's data, Mambo's data, /var/log/apache, etc.

Over time your users will install badly written PHP applications and they will get exploited by worms and skript kiddies. The exploits will write spam-mailers and attack programs in /tmp but they won't run. It won't stop a determined attacker, but the kiddies will move on to lower-hanging fruit.

Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.

Reply

*
*
The content of this field is kept private and will not be shown publicly.


*

  • Images can be added to this post.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <img> <div>
  • Lines and paragraphs break automatically.
More information about formatting options