On Sun, Nov 30, 2003 at 11:21:24PM +0100, Miernik (miernik@ctnet.pl) wrote:
> On 2003-11-30, Karsten M. Self <kmself@ix.netcom.com> wrote:
> >> I recommend making it far larger than in the Debian security doc
> >> though. On my servers I have /boot and /usr read-only, and I've been
> >
> > You can leave /boot unmounted altogether. The only times it needs to be
> > accessed are:
> >
> > - At boot time, where access is direct to partition, and the partition
> > need not be mounted (indeed, can't be).
> >
> > - When examining kernel config files and System maps (read-only)
> >
> > - When installing a new kernel (writeable)
>
> Show me a good reason to separate /boot to a separate partition at
> all. What's the extra security we get out of this?

The kernel file itself isn't available to be mucked with, until _after_
the cracker gains shell, gains root, and remounts the partition.
If your kernel is on physically nonwritable media, this means that you
have, at least, a chance at having a trusted kernel on the system at
reboot.

> In /boot there are only the kernel images, System.map's, kernel
> config, and GRUB config.
>
> All that is writable only by root anyway (perms -rw-r--r-- root.root)
> If an attacker gets rights to write or change perms of files there,
> he can equally easily remount the partition rw.
>
> So what's the point?

The sharp bit at the end.

Peace.

--
Karsten M. Self <kmself@ix.netcom.com> http://kmself.home.netcom.com/
What Part of "Gestalt" don't you understand?
The truth behind the H-1B IT indentured servant scam:
http://heather.cs.ucdavis.edu/itaa.real.html
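
The three /boot states discussed in this thread (left unmounted, mounted read-only, mounted writable) can be checked from mount-table text. The following shell functions are an added example, not part of the original message; the names `boot_state`, `fstab_policy` and `sample_mounts` and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example. On a real host:
#   boot_state /proc/mounts ; fstab_policy /etc/fstab

# boot_state FILE [MOUNTPOINT] -> unmounted | ro | rw  (FILE "-" = stdin)
boot_state() {
    awk -v mp="${2:-/boot}" '
        $2 == mp {
            state = "rw"            # a later entry shadows an earlier one
            n = split($4, opts, ",")
            for (i = 1; i <= n; i++)
                if (opts[i] == "ro") state = "ro"   # exact match only
        }
        END { print (state == "" ? "unmounted" : state) }
    ' "$1"
}

# fstab_policy FILE [MOUNTPOINT] -> absent | noauto | ro | rw
fstab_policy() {
    awk -v mp="${2:-/boot}" '
        $1 ~ /^#/ || NF < 4 { next }    # skip comments and short lines
        $2 == mp {
            policy = "rw"
            n = split($4, opts, ",")
            for (i = 1; i <= n; i++) {
                if (opts[i] == "ro" && policy != "noauto") policy = "ro"
                if (opts[i] == "noauto") policy = "noauto"
            }
        }
        END { print (policy == "" ? "absent" : policy) }
    ' "$1"
}

# Constructed sample in /proc/mounts format (not from a real system).
sample_mounts() {
    cat <<'EOF'
/dev/hda1 / ext3 rw,errors=remount-ro 0 0
/dev/hda2 /boot ext2 ro,nodev 0 0
EOF
}

echo "sample /boot state: $(sample_mounts | boot_state -)"
```

The option match is exact, so `errors=remount-ro` on the root filesystem is not mistaken for a read-only mount. A result of `unmounted` or `absent` also covers the case where /boot is not a separate partition at all.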