Filesystems: the saga continues

Bernhard comes up with a few arguments in support of multiple filesystems which, in my arrogant opinion, make no sense.

The first argument (about hardlinking a file to your home directory until something bad is discovered in one of the binaries) has been sufficiently debunked by Joey Hess.

The second and third arguments are the same, really. Repeating your argument won't buy you any beer, sorry.

Finally, all your arguments talk about servers. I was talking about a laptop. I don't know about you, but me, I'm not in the habit of loaning out my laptop to someone I don't trust. I'm not even in the habit of loaning out my laptop to someone I do trust, come to think of it. I do run some servers on my laptop, but I also have a firewall on my laptop that refuses incoming connections.

This is a laptop. Not a machine in a data center.

As such, the only person with access to my machine is me. Now I don't say I trust each and every bit of software that I run on my laptop, but I do trust myself. I won't start scanning my laptop's hard disk for rogue SetUID hardlinks in another user's home directory, because there isn't another user, stupid!

Paranoid security is nice and dandy and totally useless. Security is all about trade-offs. Even Bruce says so: if the cost of a security measure (having to deal with 73 filesystems) does not outweigh its benefit (protection against cosmic rays changing not only my firewall configuration, but also writing a suid CGI binary and installing that in /usr/lib/cgi-bin), then it's just not worth it. Now of course you might argue that 'having to deal with 73 filesystems' is no cost at all, in which case it would be worth it. But to me, it certainly is a cost, and one I'm not willing to take—even if it did protect me against a real-life problem.

And if someone were to break into my system, I'll just reformat it and recover from back-ups. I won't even have to revoke my GPG key, this time, since it's no longer on the disk.