Re: How efficient is mounting /usr ro?

To: Michael Sharman <michael.sharman@dytech.com.au>
Cc: debian-security@lists.debian.org
Subject: Re: How efficient is mounting /usr ro?
From: Dale Amon <amon@vnl.com>
Date: Mon, 20 Oct 2003 00:35:19 +0100
Message-id: <[🔎] 20031019233518.GA4707@vnl.com>
In-reply-to: <[🔎] 24E36F57378E2A49B8D5EE98904F2E2E031946@osiris.olympus.dytech.com.au>
References: <[🔎] 24E36F57378E2A49B8D5EE98904F2E2E031946@osiris.olympus.dytech.com.au>

On Mon, Oct 20, 2003 at 10:01:14AM +1100, Michael Sharman wrote:
> Well known security principles such as "least privilege" are 
> equally about stopping accidental damage as they are about 
> stopping malicious damage.

Precisely. If /usr doesn't *REQUIRE* rw in order to function, 
it should not have it. The argument here has been totally
reversed, arguing about why not remove a privilege. That
is not a security argument. The argument must be about
why it must *GIVEN* rw.

Reply to:

Follow-Ups:
- Re: How efficient is mounting /usr ro?
  - From: Michael Stone <mstone@debian.org>

References:
- RE: How efficient is mounting /usr ro?
  - From: "Michael Sharman" <michael.sharman@dytech.com.au>

Prev by Date: RE: How efficient is mounting /usr ro?
Next by Date: Re: How efficient is mounting /usr ro?
Previous by thread: RE: How efficient is mounting /usr ro?
Next by thread: Re: How efficient is mounting /usr ro?
Index(es):
- Date
- Thread