[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] SuSE webserver
-----BEGIN PGP SIGNED MESSAGE-----
I don't see the need for 7 partitions, if you use journaling.
For /tmp, use a tmpfs:
none on /tmp type tmpfs (rw,size=2G,nr_inodes=200k,mode=01777)
I use a 2G tmpfs with a 2G swap and 768M physical ram. I'm a gentoo
user, and even compile stuff on this (it helps by anywhere from 0-10%),
so it should be appropriate for your uses :)
I've never seen the /sbin/init.d thing, but I'm wary of separate /etc.
/usr and /usr/local I'd think could be the same; if you break the
system, you have to do a full reinstall anyway to rewrite the binaries,
even though you could keep your configuration.
I'm just being skeptic above, of course. :)
Tom Knight wrote:
|>From: Flavius Porumb [mailto:flavius.porumb@xxxxxxxxxxxxx]
|>Sent: 13 July 2004 08:39
|>Subject: [suse-security] SuSE webserver
|>I found something that may interest some of you,
|> Security (Beginner): Secure Installation of Apache Web Server
|> Posted by hakimkt Tuesday, September 02, 2003 - 08:11 PM CEST
| Fantastic HOWTO, well done HakimKT (whoever you are), and thanks to
| for posting it.
| So, what are the problems with this approach?
| I haven't seen anything absolutely terrible, but I'm no guru...
| * I wouldn't install any ftp server at all, as I just don't go for ftp and
| I'm lucky in that my users don't generally need it...
| * Portmap is installed by default (on SLES), so I remove it.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here