
Re: Secure 2.4.x kernel - readonly

On Tuesday, December 25, 2001, at 08:34 , Alvin Oga wrote:

On Mon, 24 Dec 2001, Anthony DeRobertis wrote:

making the disks readonly is not trivial ...
lots of work  to make it readonly.. a fun project ...

Not really. Nothing should write anywhere except /var and /tmp
(did I miss any). Also, if you have users, then /home.

/etc is written into by the kernel ( for mounts/unmounts )

No, the mount and unmount commands update /etc/mtab. If they can't, not much breakage results.

/proc if you use it is writable

Yes, to change kernel parameters. But you can't store binaries there.

vi /etc/foo.conf  will sometimes create /etc/foo.conf.swp

Not if /etc is read-only.

By using ramdisks, you can easily make the entire file-system
read-only; you need only hit reset to restore.

yes... but if an intruder got in ... you'd have to patch the hole
they used and rebuild new ramdisk images

Yes, you need a new boot disk. What I was thinking of was a boot CD which creates empty ramdisks for /var/run, /tmp/, etc. Security problem? Burn a new CD, pop it in the drive, hit reset.
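The layout the thread sketches (/ read-only, RAM-backed /tmp and /var/run, a separate writable /var and /home), as an added example that is not code from the thread or from either poster. It emits an fstab for that layout and audits a mount table in /proc/mounts format to confirm that / is really read-only and that every directory the thread names as needing writes sits on a writable mount. The device names and the use of tmpfs in place of classic ramdisks are assumptions; the sample mount tables are constructed.

```shell
#!/bin/sh
# Added example, not from the original thread. Audits a 2.4-style mount table
# for the read-only-root layout discussed above and emits a matching fstab.
# Device names (/dev/hda*) and tmpfs-as-ramdisk are assumptions.

# Constructed sample in /proc/mounts format (device mountpoint fstype options dump pass),
# as a 2.4 kernel would show it after booting the intended layout.
SAMPLE_MOUNTS='/dev/hda1 / ext2 ro 0 0
none /proc proc rw 0 0
/dev/hda3 /var ext2 rw 0 0
/dev/hda4 /home ext2 rw 0 0
none /tmp tmpfs rw 0 0
none /var/run tmpfs rw 0 0'

# Constructed failure case: / is read-only but nobody mounted a writable /var,
# so /var (and everything under it not covered by /var/run) falls back to /.
BAD_MOUNTS='/dev/hda1 / ext2 ro 0 0
none /proc proc rw 0 0
none /tmp tmpfs rw 0 0
none /var/run tmpfs rw 0 0'

# mount_state PATH [MOUNTS]: prints "ro" or "rw" for the mount that holds PATH
# (longest matching mountpoint wins), or "missing" if not even / covers it.
mount_state() {
    path=$1
    mounts=${2:-$SAMPLE_MOUNTS}
    printf '%s\n' "$mounts" | awk -v p="$path" '
        {
            mp = $2
            # "/" covers everything; otherwise the mountpoint must be p or a parent of p
            if (mp == "/" || mp == p || index(p, mp "/") == 1) {
                if (length(mp) > length(best)) { best = mp; opts = $4 }
            }
        }
        END {
            if (best == "") { print "missing"; exit }
            n = split(opts, o, ",")
            state = "rw"
            for (i = 1; i <= n; i++) if (o[i] == "ro") state = "ro"
            print state
        }'
}

# audit_ro_layout [MOUNTS]: returns 0 when / is read-only and each directory the
# thread says must stay writable is on a writable mount; prints one line per path.
audit_ro_layout() {
    mounts=${1:-$SAMPLE_MOUNTS}
    rc=0
    if [ "$(mount_state / "$mounts")" = ro ]; then
        echo "/: ro (good)"
    else
        echo "/: NOT read-only"
        rc=1
    fi
    for d in /tmp /var /var/run /home; do
        s=$(mount_state "$d" "$mounts")
        echo "$d: $s"
        [ "$s" = rw ] || rc=1
    done
    return $rc
}

# ro_fstab: fstab for the layout above. tmpfs stands in for the ramdisks the
# thread mentions; device names are placeholders (assumption).
ro_fstab() {
    cat <<'EOF'
/dev/hda1  /         ext2   ro,defaults          0 1
/dev/hda3  /var      ext2   rw,defaults          0 2
/dev/hda4  /home     ext2   rw,nosuid,nodev      0 2
none       /tmp      tmpfs  rw,nosuid,nodev      0 0
none       /var/run  tmpfs  rw,nosuid,nodev      0 0
none       /proc     proc   defaults             0 0
EOF
}

# Stand-alone run: show the fstab, then audit the constructed good sample.
ro_fstab
audit_ro_layout "$SAMPLE_MOUNTS"
```

The audit also accepts the first four columns of an fstab, so `audit_ro_layout "$(ro_fstab)"` checks the intended layout before a reboot, and `audit_ro_layout "$(cat /proc/mounts)"` checks what the kernel actually did. One caveat the thread touches on: with /etc read-only, mount cannot update /etc/mtab, so either mount with `-n` or point /etc/mtab at /proc/mounts with a symlink.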
