[ On Thursday, June 5, 2003 at 12:05:53 (-0700), Greywolf wrote: ]
> Subject: Re: Rototil of sysinst partitioning code
>
> It's up to the individual, of course, and I can see where / and
> /usr make a good merge now (but don't enforce it, please, by
> doing something stupid like making dependencies on /usr being
> mounted in single-user mode!), but I still think having anything
> user-writable on / is a bad idea.  Old habits die hard, I guess.

Leaving /usr on the root filesystem does not, by default, leave anything
user-writable on the root filesystem, at least not so long as /tmp is
kept separate, but that's a separate issue regardless of where /usr is.

> [We reallly ought to give some thought to keeping system logs
>  on a non-user-writable partition, too.]

Yes, I agree /var/tmp should be kept separate from the rest of what's
normally on /var.  So should /var/mail of course, and /var/spool/ftp if
you turn on ftpd and put user writable dirs there, etc., etc., etc....

There are some other issues with files writable on /var by untrusted
users.  Some of these can and should be fixed (e.g. /var/run/named.pid)
but others are a bit more difficult to un-wrinkle.

> And, from my experience, trying to figure out what goes where
> on Linux is a f(rea)king nightmare.  It's enough to confuse someone
> into having EVERYTHING on /.

I think you're still confused about the cause and effect here.....

You should be more worried about people who set LOCALBASE=/usr/local and
then also install non-packaged software in with packaged software.  :-)
(which is exactly what FreeBSD and RedHat encourage)

-- 
								Greg A. Woods

+1 416 218-0098;            <g.a.woods@ieee.org>;           <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>