Re: How efficient is mounting /usr ro?

[Adam ENDRODI <borso@vekoll.saturnus.vein.hu>]

On Fri, Oct 17, 2003 at 08:57:43PM +0200, Christian Storch wrote:
> Yes, a very sophisticated kind of definition.
> But what about the small gap between theory and practice?

In theory, it approximates the practice :)

> So I think security and availability represent to basic independend points of discussion.
> Security in a sense of preventing of bad impact from outside a system.

My view is that either C, I or A represents an area against which an
attacker or some accident could bring on `bad impact'.  Consider
the simple question `Is my site defaced?'.

To stay on topic, I'm for keeping /usr and /usr/local read-only,
because really nothing should update them except for a few
programs under controlled circumstances (that's what makes
the enforcment of this policy cheap).  In addition, it might
help you notice an intrusion.

(I also got used to remount,ro /, for that matter)

bit,
adam

-- 
1024D/37B8D989 954B 998A E5F5 BA2A 3622  82DD 54C2 843D 37B8 D989      
finger://borso@vekoll.vein.hu | Some days, my soul's confined
http://www.keyserver.net | And out of mind
Sleep forever