Re: ifupdown writes to /etc... a bug?
Glenn McGrath <firstname.lastname@example.org> writes:
> On Sat, 22 Mar 2003 13:20:39 -0000
> "Matt Ryan" <email@example.com> wrote:
> > Explain to me how the ro root makes a difference? There is a lot of
> > talk about how difficult it is to install a rootkit when the root fs
> > is ro, but if you already have superuser privileges why can't you just
> > remount root rw and then drop the rootkit in?
Dead simple. try to install a rootkit on a CD or a harddisk with the
RO jumper set.
You can't write to a read only medium and hacking a drives bios to
circumvent the RO jumper is hopefully impossible.
> > If you don't have superuser privilege to do
> > this then you can write to root owned directories (with the correct
> > permissions) anyway?
> You mean you can write to /tmp, how does that help ?
Esspecially with /tmp and /var being noexec and a fixed kernel /