Re: ifupdown writes to /etc... a bug?
On Sat, Mar 22, 2003 at 08:19:24PM -0000, Matt Ryan wrote:
> > Dead simple. try to install a rootkit on a CD or a harddisk with the
> > RO jumper set.
> > You can't write to a read only medium and hacking a drives bios to
> > circumvent the RO jumper is hopefully impossible.
> We are going from the sublime to the ridiculous. Are we suggesting that if
> it was made easier a significant number of Debian users would implement a
> root fs on a ro medium like cdrom? If not (and I suspect this is not the
> case) then without additional layers of security (listed by Russell) we
> don't gain any tangible benefit for the effort involved in implementing
> this. I know software starts out with bugs and problems but it already
> appears non-trivial to implement this (if I am reading the thread on the
> patched mount correctly).
There are other good reasons for wanting / ro, that have been discussed in
this rather huge thread.
Nick Phillips -- firstname.lastname@example.org
Fine day for friends.
So-so day for you.