August 21st, 2002, 12:20 AM
Introduction to Linux Partitioning
Good Linux security starts with a little planning during the installation. If your partitioning scheme is poorly planned, your shiny new Linux installation may not perform to its full potential, or worse - leave holes in your system that attackers may be able to exploit.
Many users coming from the Microsoft world are unaware of the implications of drive partitioning, because Microsoft products generally use one large partition for everything. Many new users tend to want to throw everything on one Linux partition because that's what they're used to, but this is a dangerous line of thinking. In order to be proficient in Linux, new users must unlearn a lot of bad habits encouraged by Microsoft.
Windows typically mounts drive partitions as new drive letters (i.e., C:, D:, E:, etc.). Linux, on the other hand, seamlessly mounts drive partitions as directories in the tree, so the Linux file system may invisibly span as many disks and partitions as desired. The advantages to this method are twofold: 1) user-writable directories like /home and /tmp can be kept separate from the rest of the system to protect the integrity of the root file system, and 2) partitions can be mounted with different options to restrict access for different purposes.
Any directory that will be written to with any regularity - and especially if ordinary users will have write permission - should be placed on a separate partition. User-writable partitions like /home /var and /tmp have a tendency to fill up with junk, and if they do so on the same partition as the system root they can destabilize or crash the system. This is the basis for many basic kinds of Denial of Service (DoS) attacks like mail-bombing. If /var is on its own partition it will simply fill up with the junk until nothing more can be written, but the system root will be untouched. Ideally, once the box is configured and running, /tmp /var /usr and /home should each be on a separate partition, leaving the partition containing / /bin /etc /lib and /sbin (which must be together - don't get carried away with this ) essentially read-only.
A reasonable partitioning scheme based on the above principles might look like this:
Linux also allows partitions to be mounted with various options that will restrict access to it in a number of ways. They are specified in the /etc/fstab file and are as follows:
nosuid - will ignore the SUID bit on binaries
noexec - will prevent any binaries or scripts from executing from this partition
nodev - ignores devices
These options help to prevent undesirable access by attackers, malicious code like viruses and worms, and clumsy users. Edit the relevant lines of the /etc/fstab file and add the options nodev, nosuid, and noexec as follows:
/dev/hda1 / ext3 noatime 0 0
/dev/hda5 /tmp ext3 noatime,nodev,nosuid,noexec 0 0
/dev/hda6 /var ext3 noatime,nodev 0 0
/dev/hda7 /usr ext3 noatime,nodev 0 0
/dev/hda8 /home ext3 noatime,nodev,noexec,nosuid 0 0
This configuration will not stop a skilled attacker, because these restrictions can be bypassed via an indirect path. But since many script kiddie exploits are designed to run directly from /tmp, setting the noexec option on it will stop most of them cold. There's no good reason for programs to be running from /tmp, anyway. It's generally not a good idea to set the noexec option on /var, because doing so will probably break some applications that need it to function properly (i.e., certain package management systems, like RPM).
Do what you want with the girl, but leave me alone!
October 7th, 2002, 05:50 PM
Im just getting around to installing my first Linux distro and had no intention of partitioning, before reading this!
Question: Have you started on an addition to this tutorial, for a REAL newbie?
Thanx and good work
October 7th, 2002, 06:20 PM
This is great information! I never even considered any of this stuff when I installed linux. I plan on reformatting and installing RedHat 8.0 this weekend, so I'll be sure to keep this in mind.