Beefy Boxes and Bandwidth Generously Provided by pair Networks
P is for Practical

Re: Re: Re: Security Uploading Files

by Vautrin (Hermit)
on Apr 18, 2004 at 19:37 UTC ( #346149=note: print w/replies, xml ) Need Help??

in reply to Re: Re: Security Uploading Files
in thread Security Uploading Files

In regards to checking the amount of disk space left, you may want to partition your hard drive so that files are uploaded on a separate partition. Then, even if someone manages to try to upload a terabyte of data from /dev/urandom, all that gets filled will be your partition, and your computer should still be able to operate.

Want to support the EFF and FSF by buying cool stuff? Click here.

Replies are listed 'Best First'.
Re: Re: Re: Re: Security Uploading Files
by beth (Scribe) on May 26, 2004 at 18:04 UTC
    While you're doing that, mount the partition with noexec:
                  noexec Do not allow execution of  any  binaries  on
                         the  mounted file system.  This option might
                         be useful for a server that has file systems
                         containing  binaries for architectures other
                         than its own.
    Also good for parititions that are writable by untrusted users. It was suggested to me recently that the whole web root should be on a noexec partition, with cgi's symlinked from /usr/lib (or, presumably, other trusted partitions).

    eval pack("H*", "7072696e74207061636b2822482a222c202236613631373036382229");
    # japh or forkbomb? You decide!

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://346149]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others musing on the Monastery: (5)
As of 2022-01-22 12:51 GMT
Find Nodes?
    Voting Booth?
    In 2022, my preferred method to securely store passwords is:

    Results (62 votes). Check out past polls.