[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How efficient is mounting /usr ro?

On Tue, Oct 14, 2003 at 01:09:49PM -0400, Michael Stone wrote:
> That's fairly useless as a security measure; I would *not* recommend
> this. It is not difficult for a script kiddie these days to use tools
> that will make this method ineffective for removal (giving you a false
> sense of security).

I'm not sure I see how this is possible. Are you talking about a
hacked rsync? In my own case I do an NFS floppy boot so the
rsync is safe. AFAIK, rsync does a block by block check of each
file and leaves the target files with a set of blocks matching
those on the source system. Any file names not on the source
are removed from the target. I can't see how you could get around
it. Some mucking about with inodes? But then that would get 
cleaned up by a fsck...
Reply to: