
Re: stack protection



Xavier Roche <roche@httrack.com> writes:

> On Thu, 21 Aug 2003, Russell Coker wrote:
> Major issues for a ro-/ are maybe:
> - using devfs for /dev (kernel 2.4 and package devfsd installed)

Alternatively you can copy /dev to a ramdisk.
And please don't use devfsd. That somewhat cancels out half of the
merits of devfs.

You also might want to look at udev since that looks like it's replacing
devfs in the future.

> - using tmpfs for /tmp (kernel 2.4?)

Or your own /tmp partition as any good admin would have made. :)

> - transforming several /etc files as symlinks and moving them to some
> other place (/var/etc ?)

That's pending some year old patches on util-linux (for mount,
/etc/mtab) unless you want to link to /proc/mounts. Anything else is
already patched for this or has no reason to stay in /etc.

> I was wondering if a script-only-package could do that, with a 'Depends:
> kernel-xx(>2.4), devfsd' and proper install scripts? Might be difficult to
> do, but maybe not impossible?
> apt-get install read-only-root :)

Didn't someone package something up that will divert and link some
files already?

MfG
        Goswin


