-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, Feb 27, 2007 at 10:07:35AM +0900, John Summerfield wrote: > >This depends entirely on the tasks required of the box. > >Putting /tmp on a separate partition can allow you to mount it noexec, > >which can help with security, and filling up /tmp won't fill the rest > >of the disk. > > OTOH anything bad you can do with /tmp you can do better with /var/tmp, > and making that noexec is not a realistic proposition. Why not ? I have /tmp and /var/tmp as noexec on all my servers, along with ACLs to better protect it. []s - -- Rodrigo Barbosa "Quid quid Latine dictum sit, altum viditur" "Be excellent to each other ..." - Bill & Ted (Wyld Stallyns) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFF4+WHpdyWzQ5b5ckRAsqhAJ42KhqPI/2tWjLkH2hhPHw9VwN4XwCfcTSK gyKdB/+0jp43OpDNYFCSQv0= =3KjO -----END PGP SIGNATURE-----