[ILUG] History of /etc ?
Colm MacCarthaigh
colm at stdlib.net
Mon May 31 15:10:47 IST 2004
On Mon, May 31, 2004 at 02:56:22PM +0100, Barry Flanagan wrote:
> Well, I can certainly tell you the last time I needed to have /usr
> mounted read-only to make the system more secure in a multi-user
> environment....
Would mounting /usr read-only really make your system more secure?
I mean, nothing in it should be user-writable anyway, and if someone
roots the box, remounting it isn't hard. It actually adds steps to
keeping all of those binaries (which live in /usr) your users might use
or abuse up-to-date. Having a cronjob which does
find /usr -type f -perm -002
and so on isnt hard.
Dear heavens, the last thing I'd want on a multi-user system is the most
important filesystem being remounted several times a week.
--
Colm MacCárthaigh Public Key: colm+pgp at stdlib.net
More information about the ILUG
mailing list