Re: read-only file systems

From: Rich Teer (richard.teer@rite-group.com)
Date: 09/11/01


Date: Mon, 10 Sep 2001 19:35:30 -0700 (PDT)
From: Rich Teer <richard.teer@rite-group.com>
To: Heather Flanagan <HeathFla@reciprocal.com>
Subject: Re: read-only file systems
Message-ID: <Pine.GSO.4.33.0109101930560.818-100000@grover.rite-group.com>

On Mon, 10 Sep 2001, Heather Flanagan wrote:

> I know /usr can be comfortably turned in to a read-only file system for
> particularly hardened systems - or at least I can't think of any reason why
> not. Can the same be done with / on Solaris 8?

It depnds on how broken down your / is. Dy definition, most
files under /var for example are written to at some stange.
I suspect that if one separated out /var, / could be made
read only. (Naturally, user data lives on other disks or
partitions.)

--
Rich Teer

President, Rite Online Inc.

Voice: +1 (250) 979-1638 URL: http://www.rite-online.net



Relevant Pages

  • Re: read-only file systems
    ... Subject: read-only file systems ... >> particularly hardened systems - or at least I can't think of any ... > attacker has root they can remount it. ...
    (Focus-SUN)
  • read-only file systems
    ... Subject: read-only file systems ... particularly hardened systems - or at least I can't think of any reason why ... Can the same be done with / on Solaris 8? ...
    (Focus-SUN)
  • Re: read-only file systems
    ... Subject: read-only file systems ... > particularly hardened systems - or at least I can't think of any reason ... Can the same be done with / on Solaris 8? ... going through the insane hassle of trying to make / read only. ...
    (Focus-SUN)
  • Re: read-only file systems
    ... Subject: read-only file systems ... >particularly hardened systems - or at least I can't think of any reason why ... Sinc eyou can't downgrade a r/w root to a ro root, ... Casper ...
    (Focus-SUN)