Re: ifupdown writes to /etc... a bug?
> Dead simple. try to install a rootkit on a CD or a harddisk with the
> RO jumper set.
> You can't write to a read only medium and hacking a drives bios to
> circumvent the RO jumper is hopefully impossible.
We are going from the sublime to the ridiculous. Are we suggesting that if
it was made easier a significant number of Debian users would implement a
root fs on a ro medium like cdrom? If not (and I suspect this is not the
case) then without additional layers of security (listed by Russell) we
don't gain any tangible benefit for the effort involved in implementing
this. I know software starts out with bugs and problems but it already
appears non-trivial to implement this (if I am reading the thread on the
patched mount correctly).