[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ifupdown writes to /etc... a bug?

On Sat, Mar 22, 2003 at 08:19:24PM -0000, Matt Ryan wrote:
> > Dead simple. try to install a rootkit on a CD or a harddisk with the
> > RO jumper set.
> >
> > You can't write to a read only medium and hacking a drives bios to
> > circumvent the RO jumper is hopefully impossible.
> 
> We are going from the sublime to the ridiculous. Are we suggesting that if
> it was made easier a significant number of Debian users would implement a
> root fs on a ro medium like cdrom? If not (and I suspect this is not the
> case) then without additional layers of security (listed by Russell) we
> don't gain any tangible benefit for the effort involved in implementing
> this. I know software starts out with bugs and problems but it already
> appears non-trivial to implement this (if I am reading the thread on the
> patched mount correctly).

There are other good reasons for wanting / ro, that have been discussed in
this rather huge thread.

-- 
Nick Phillips -- nwp@lemon-computing.com
Fine day for friends.
So-so day for you.
Reply to: