On Mon, 2004-05-31 at 15:16, Dave Burke wrote:
> Colm MacCarthaigh wrote:
> >
> >On Mon, May 31, 2004 at 02:56:22PM +0100, Barry Flanagan wrote:
> >> Well, I can certainly tell you the last time I needed to have /usr
> >> mounted read-only to make the system more secure in a multi-user
> >> environment....
> >
> >Would mounting /usr read-only really make your system more secure?
> >
> >I mean, nothing in it should be user-writable anyway, and if someone
> >roots the box, remounting it isn't hard.
>> Unless you mount /usr via nfs, and it's exported ro from the nfs server.
>You can then modify the files on the nfs server using an admin host and
>the mount never has to be remounted.
Thank you Dave. And in that way even if the box is rooted, no hard can
come to your /usr filesystem.
--
-Barry Flanagan
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
