[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Filesystem choice in secure server installation



Quoting Togan Muftuoglu <toganm@xxxxxxxxxxxxxxxxxxxxx>:
>
> I was reading the SLES8_EAL2_SecurityGuide.pdf
> http://www.suse.de/de/security/eal2/SLES8_EAL2_SecurityGuide.pdf
>
> On page 8 it stated to have the "/" partion as ext3. If I remember
> correctly SuSE had ReiserFS since 6.4 and and it has been the default
> choice of filesystem for quite a time.
>
> So want I want to understand is what makes "ext3" as a better choice for
> the meeting of criteria and what are the reasons reiserfs fails.
>
> I do not want to start a flame war but I want to understand the facts in
> making such a decision.
>

I have no direct knowledge, but I'm guessing it has something to do with cutting
down the work required to get EAL certification.  EXT3 has the advantage of
being somewhat simpler than reiser, it's essentially just a journaling system
tagged onto the venerable ext2.  ext2 had probably been vetted before, so
getting ext3 in was easier than getting reiser in.

I would be surprised if there was any technical reason; I believe it was just a
way to streamline the certification.

(and I'm someone who only uses ext3, not reiser, out of sheer bloody-minded
stubborness and an irrational fear that reiser is not entirely stable)

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here