|
Lines 1747-1753
Link Here
|
| 1747 |
<para>Different filesystems can have different <firstterm>mount |
1747 |
<para>Different filesystems can have different <firstterm>mount |
| 1748 |
options</firstterm>. For example, with careful planning, the |
1748 |
options</firstterm>. For example, with careful planning, the |
| 1749 |
root filesystem can be mounted read-only, making it impossible for |
1749 |
root filesystem can be mounted read-only, making it impossible for |
| 1750 |
you to inadvertently delete or edit a critical file.</para> |
1750 |
you to inadvertently delete or edit a critical file. As well, |
|
|
1751 |
separating the filesystem containing <filename>/home<filename>, |
| 1752 |
from other filesystems means that user-writable filesystems can be |
| 1753 |
mounted <firstterm>nosuid</firstterm>. This will prevent the |
| 1754 |
<firstterm>suid/guid<firstterm> bits on executables stored in |
| 1755 |
<filename>/home</filename> from taking effect, possibly improving |
| 1756 |
security.</para> |
| 1751 |
</listitem> |
1757 |
</listitem> |
| 1752 |
|
1758 |
|
| 1753 |
<listitem> |
1759 |
<listitem> |