Re: ifupdown writes to /etc... a bug?
Brian May <firstname.lastname@example.org> writes:
> On Sat, Mar 22, 2003 at 10:16:39AM -0600, John Hasler wrote:
> > Russell Coker writes:
> > > My suggestion to make a minor change to the file naming scheme under
> > > /usr/share to make things easier for SE Linux was shot down even though
> > > it would take very little effort to implement. This ro-root idea takes
> > > considerably more work to implement and I think that it provides
> > > considerably less benefit.
> > R/o root also provides a degree of protection against buggy programs and
> > admin errors. I prefer to minimize the number of r/w partitions.
> RO root on CDROM means you need to create a new CDROM for every upgrade.
Ever heard of CDRW? Does none of your harddisks have a RO jumper?
Using CDR for this would be hard on the environment.
> On the positive side, this means reverting back to an older version
> in case anything is broken with the new version is easy.
> Another potential benifit is that it makes it easier to have all Linux
> routers for instance running a consistant set of Packages, you just
> check that the CDROM is the same version (although there might be issues
> here with variable configuration that still need to be resolved).
> No need to inspect every individual router if a security hole is
> discovered in one, just update the CDROM and distribute as required by
> the organisation's security policy.
nfs mount. / as nfs-root and then you mount server:hostname/etc over
the existing one.
> On the negative side, this means fiddling around with new network
> connections, etc, could be a pain in the neck, as you have to create and
> test a new CDROM each time.
nomore than any other system.
> As to which security tool you use, it really depends on what you are
> trying to secure yourself against. A RO filesystem does nothing to
> prevent looking at private files and/or sniffing the network interfaces
> for passwords, you need something like SE-Linux for that. However, there
> are some features a RO source can have (like those mentioned above) that
> SE-Linux doesn't provide.
So many people want to do a md5sum check of all their files after
being hacked. Why bother? Just press reset, boot from CD and all is
back to the state before the attack.