Re: How efficient is mounting /usr ro?

To: debian-security@lists.debian.org
Subject: Re: How efficient is mounting /usr ro?
From: Chema <chema.news.gmane@zarco.cjb.net>
Date: Tue, 25 Nov 2003 02:51:54 -0600
Message-id: <[🔎] 20031125025154.000009de.chema.news.gmane@zarco.cjb.net>
References: <1065688451.3033.73.camel@elprinsessekaja.mail.nu.no>

On Thu, 09 Oct 2003 10:34:12 +0200
Tarjei Huse <tarjei@bergfald.no> wrote:

TH> Hi,
TH> The Securing Debian manual suggest one should set the /usr partition
TH> to ro and use remount when you install new programs. 
TH> I was just wondering how much security one gains with this. Wouldn't
TH> most hackers go after the programs in the /bin and /sbin directories
TH> anyway?

Making /usr read-only is not for that kind of security.  It will keep your data safe from corruption (soft one, anyway: a disk crash will take anything with it ;-).  Besides, you can get a better performance formating it with ext2, since you'll not need journaling.

Now, there are ways to mount r-o /bin and /sbin, *and* to disable remounting them rw (unless you reset the box and provide a pass; its a kernel  patch or something which's name I can't remember -- but I want to!!).  There is some blurb about it here:

http://article.gmane.org/gmane.linux.debian.user/114759

And surely in other threads.

Reply to:

Follow-Ups:
- Re: How efficient is mounting /usr ro?
  - From: Russell Coker <russell@coker.com.au>

Prev by Date: Re: Debian servers "hacked"?
Next by Date: Re: How efficient is mounting /usr ro?
Previous by thread: Re: Debian servers "hacked"?
Next by thread: Re: How efficient is mounting /usr ro?
Index(es):
- Date
- Thread