Re: Read-only root (/) except /etc
On Sun, Apr 13, 2008 at 03:12:08PM +0000, lists2008@skaro.afraid.org wrote:
> I don't *need* things read-only. I would just rather not *need* to
> have my root filesystem read write.
>
> I gave some reasons above for why I would like to be able to control
> if and when the root filesystem is subject to writes.
However, consider: as things stand now, only root can alter files which
don't have write permissions for others. Sure, if the filesystem were
mounted ro then root couldn't write to the files either (or delete
files). However, root could always remount / rw. Therefore there is no
security in a system once root is compromised whatever you do. If root
is not compromised, then the standard Unix permission scheme will provide
the security.
Doug.