[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How efficient is mounting /usr ro?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 09 Oct 2003 at 04:34:12AM -0400, Tarjei Huse wrote:
> Hi,
> The Securing Debian manual suggest one should set the /usr partition to
> ro and use remount when you install new programs. 
> I was just wondering how much security one gains with this. Wouldn't
> most hackers go after the programs in the /bin and /sbin directories
> anyway?

If I r00t your system I'll have access to remount it rw anyhow.  Any
"hacker" who doesn't know how to remount a file system is really lame.
You may slow someone down for 3 seconds until they type:

cat /proc/mounts (Oh, it's ro!)
and then types mount -o remount/rw /usr

Just my $.02...


- -- 
Phillip Hofmeister

PGP/GPG Key:
http://www.zionlth.org/~plhofmei/
wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import
- --
Excuse #34: Heavy gravity fluctuation move computer to floor rapidly 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/hU9LS3Jybf3L5MQRApOgAJ46cRmVhLyAla8TkotPFDfIpGvYYwCdFSLc
X9qMr61K+a0SKMQiegqcMDg=
=uLGH
-----END PGP SIGNATURE-----
Reply to: