The Linux System Administration concepts, commands and tasks covered here apply to the Fedora, Ubuntu, Kubuntu, Edubuntu, Slackware, Red Hat, Debian, SUSE, openSUSE – and ALL other Linux distributions.
When you install Linux, you can assign the /var directory to a partition with a fixed size.
If you install the software components (packages) for a Linux Web server or an FTP server on a system, many files (such as server log files) will be created in subdirectories below /var as these servers are being used. These files can become quite large.
By restricting the size of /var you can increase the protection for your system by stopping files that are created in /var from using up all of the disk space on the system.
The “permissions” (a.k.a. capabilities) that users have to a partition (to which a directory points) can be set to read-only. This allows users to read files from the directory, but not write (save) files into the directory or delete files from the directory.
If all directories on a system were read-only, then users would not be able to save any of their work. However, when a directory is assigned to a partition, it can be mounted as read-only so that users cannot put files into the directory or remove files from the directory. This stops an attack where: “dangerous” programs are added to a directory, existing program files are replaced with “dangerous” program files, or program files are removed so that tasks can not be performed. Program files that cause damage to a system when they are executed (run) are “dangerous” files.
Tags: linux system