[conspire] Safe NTFS read/write driver for Linux

Rick Moen rick at linuxmafia.com
Fri Jul 21 18:30:04 PDT 2006


Quoting Daniel Gimpelevich (daniel at gimpelevich.san-francisco.ca.us):

> On Fri, 21 Jul 2006 03:43:44 -0700, Rick Moen wrote:
> 
>>> If ext3 can perform an fsck(8) at other than boot-time, that would
>>> be great.
>> 
>> Definitely doesn't at present -- though I don't personally see it as
>> a must-have, but rather an it-would-be-nice.
> 
> This is not 100% true. AFAICT, it's perfectly safe to run e2fsck on
> filesystems which are mounted read-only.

Yes, true.  

I tend to forget that because filesystems mounted read-only are so
seldom subject to damage in the first place, whereas the things I worry
about are on read/write filesystems.

Anyone care about choice of mount options?  Here's uncle-enzo (this
server), at present:

:r /etc/fstab

# /etc/fstab: static file system information.
#
# <file system> <mount point>   <type>  <options>       <dump>  <pass>
proc            /proc           proc    nosuid          0       0
/dev/sda5       /               ext3    defaults,errors=remount-ro 0       1
/dev/sda1       /boot           ext2    ro,nodev,nosuid,noexec 0       2
/dev/sdb1       /home           ext3    nodev,nosuid    0       2
/dev/sdb5       /tmp            ext2    noatime,nodev,nosuid 0       2
/dev/sdb8       /usr            ext2    nodev,ro        0       2
/dev/sda9       /usr/local      ext3    defaults        0       2
/dev/sdb7       /var            ext3    noatime,nodev,nosuid 0       2
/dev/sda8       /var/log        ext2    noatime,nodev,nosuid 0       2
/dev/sda7       none            swap    sw              0       0
/dev/sdb6       none            swap    sw              0       0
/dev/fd0        /media/floppy0  auto    rw,user,noauto  0       0
/dev/sda6       /mnt/recovery   ext2    rw,noauto       0       2


Notice the "nosuid" on /proc?  That's because of this beauty:
http://seclists.org/lists/fulldisclosure/2006/Jul/0312.html

Since there's no legitimate need for setuid/setgid on /proc, the
"nosuid" option averts that utterly brilliant timing attack and any
others like it.

Talking to a developer friend, I said I felt a _little_ sheepish not
having done that before, but isn't the problem that you'd have to know
kernel interfaces really, really well to be _sure_ that no legitimate
need exists for those privilege bits on /proc files?  He agreed.
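
As an added example (not part of the original post): a Python check that works out which of suid/dev/exec are actually in effect for each fstab entry, including the restrictions mount(8) documents as implied by user/users/owner/group, and compares the result with a policy. The POLICY table and the function names are assumptions made for this illustration; the fstab entries are a subset of the ones quoted above with whitespace normalised.

```python
# Added example: resolve effective suid/dev/exec state per fstab entry.
# Entries below are a subset of the fstab quoted in the post.
FSTAB = """\
# <file system> <mount point>   <type>  <options>       <dump>  <pass>
proc            /proc           proc    nosuid          0       0
/dev/sdb1       /home           ext3    nodev,nosuid    0       2
/dev/sdb5       /tmp            ext2    noatime,nodev,nosuid 0  2
/dev/sda9       /usr/local      ext3    defaults        0       2
/dev/fd0        /media/floppy0  auto    rw,user,noauto  0       0
"""

# Assumed policy for illustration only; not a recommendation from the post.
POLICY = {
    "/proc": {"nosuid"},
    "/home": {"nodev", "nosuid"},
    "/tmp": {"nodev", "nosuid", "noexec"},
    "/usr/local": {"nodev", "nosuid"},
    "/media/floppy0": {"nodev", "nosuid", "noexec"},
}

def effective_flags(options):
    """Apply options left to right; later ones override earlier ones."""
    state = {"suid": True, "dev": True, "exec": True}  # mount defaults
    for opt in options.split(","):
        if opt in ("user", "users"):      # imply noexec, nosuid, nodev
            state.update(suid=False, dev=False, exec=False)
        elif opt in ("owner", "group"):   # imply nosuid, nodev
            state.update(suid=False, dev=False)
        elif opt in state:                # explicit suid / dev / exec
            state[opt] = True
        elif opt.startswith("no") and opt[2:] in state:
            state[opt[2:]] = False
    return state

def audit(fstab_text, policy):
    """Return {mount_point: sorted required options that are not in effect}."""
    findings = {}
    for line in fstab_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0].startswith("#"):
            continue
        state = effective_flags(fields[3])
        missing = sorted(o for o in policy.get(fields[1], ()) if state[o[2:]])
        if missing:
            findings[fields[1]] = missing
    return findings

if __name__ == "__main__":
    for mount_point, missing in audit(FSTAB, POLICY).items():
        print(f"{mount_point}: missing {','.join(missing)}")
```

The floppy entry passes without naming any of the three options, because "user" already implies them.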




