On Mon, May 31, 2004 at 04:09:17PM +0100, Chris Higgins wrote:
> Being able to get to having a read-only /usr, puts us in a position
> to have a firewall ( or other 'secure' system ) that can mount all
> the filesystems that it needs (ro), and run the volatile ones as
also can't you limit what root can do with capabilities - and i'm
guessing one of those capabilities would be to stop the ability to
mount/remount/umount fs's.
kevin
--
kevin at ie.suberic.net ~ nov 2, 04: http://www.tellanamericantovote.com/
only 1 state has less ~ according to the bush campaign, john kerry is the
unemployed then it ~ most liberal member of the senate. they also say
did in 3/01: alaska. ~ he flip-flops on every issue. can both be true?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mail.linux.ie/pipermail/ilug/attachments/20040531/1f45a6aa/attachment.pgp
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
