Posted by: Patrick | June 16, 2009

Partitioning: A Different Perspective with Encryption and RAIDs

Back To Me

So back on my computer, I decided encrypting swap, /tmp, and /var was enough security for me given my hardware limitations. The /boot was separated for safety’s sake, and in anticipation of that future memory upgrade, at which time I will encrypt the whole thing and /boot will need to remain separate from that encryption. Why then did I decide to separate /opt, /srv, and /usr to a different partition? Well, it’s because those are the three top-level directories that change frequently (and take up the most space) on a system. The other partition is essentially static so for one, it makes security checking for changes (that someone else might have made) that much easier. And second, splitting the two sets of directories means that the active partition is physically separated from the inactive. This makes the hard drive’s seek arm(s) stay within a smaller area, having less distance to travel most of the time. My home/data directory has its own partition for the same reasons. Many would argue that the performance gain is minimal, and I agree, but more than the slight performance gain is the diminished wear and tear on the drive. Everyone eventually has failed drives. The most basic cause for this is moving parts. Any extra time I can get out of them by causing less stress on those parts is worth it in my book.

So back on my computer, I decided encrypting swap, /tmp, and /var was enough security for me given my hardware limitations. The /boot was separated for safety’s sake, and in anticipation of that future memory upgrade, at which time I will encrypt the whole thing and /boot will need to remain separate from that encryption. Why then did I decide to separate /opt, /srv, and /usr to a different partition? Well, it’s because those are the three top-level directories that change frequently (and take up the most space) on a system. The other partition is essentially static so it makes security checking for changes (that someone else might have made) that much easier. And over almost everything there is the redundancy of a RAID mirror so that if one drive dies, the system can live on.

About these ads

Pages: 1 2 3

Posted in HOWTO | Tags: , , , , , , , , , , , , , , , , ,

«
»

Responses

  1. I suggest that you learn some more about how a hard drive is actually constructed, then return to this page and revise parts of your post.

    The heads in a hard disk do not move in an independant fashion, and the last thing you would want to do would be to keep related things on one platter, even if you could.

    By: Itsme on August 6, 2009
    at 18:07

    Reply

  2. You are, of course, correct. I’ll do something about it in the near future. Thanks.

    By: Patrick on August 10, 2009
    at 17:52

    Reply

  3. Altered. Pray I do not alter it further.

    By: Patrick on August 11, 2009
    at 10:45

    Reply


Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Categories

Follow

Get every new post delivered to your Inbox.

Join 36 other followers

%d bloggers like this: