Hi all,
ESXi 5.5.0 build-2718055 installed on SD Card
Basically we had an external company doing some security checks on our infrastructure and they identified the following:
Directory: /var/log is mapped to scratch partition (I think it makes sense as you will have a history of logs surviving reboots);
Directory: /tmp stored within the root file system partition.
They are saying that the /tmp dir is world-writable and any authenticated user to consume all space on the root file system. This could cause a DDoS.
They recommend us to repartition the underlying storage so /var/log and /tmp dirs are located on separate disk partitions.
As far as I understand when installing ESXi5.5 the partitioning is taken care of by the installer, i.e., you cannot partition the drive manually.
What are my options here? Re-point /var/log to another location, remote syslog, etc????
Pretty stuck with this.
Comments are much appreciated.