Postfix Problems
Tim
ignored_mailbox at yahoo.com.au
Tue May 23 16:08:05 UTC 2006
On Tue, 2006-05-23 at 13:11 +0100, Paul Howarth wrote:
> If you have /tmp on a separate partition, I'd seriously consider
> mounting it noexec,nodev. If it's not a separate partition, I'd
> seriously consider making one for it on an Internet-exposed web
> server.
> Same goes for /var.
I haven't struck any problems with doing that to /tmp/, but if you have
a chrooted BIND and a nodev mounted /var/ you strike problems with it
not being able to use its chrooted /dev/random, at least. And a noexec
mounted /var/ requires you to have your webserver cgi-bin programs
stored in another location (e.g. /srv/www/cgi-bin/). Not sure how
that'd impinge on PHP, etc.
I can't think of any other gotchas to prepare for at the moment.
--
(Currently running FC4, occasionally trying FC5.)
Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.
More information about the fedora-list
mailing list