> On Friday 31 May 2002 15:44, Yves Duret wrote: > > Philippe Coulonges <[EMAIL PROTECTED]> writes: > > > I would like to have /usr mounted as read-only. > > > To achieve that, I have to ajust some things in the distro at every > > > update. Could it be fixed, has I think variable files does not have > their > > > place there. > > > > > > This include kscd's /usr/share/apps/kscd/cddb/... > > > Maelstrom and some other games scores files. > > > > and openssl who puts the certs in /usr/lib/ssl/certs > > very bad. but we plan to move every thing under /etc for 9.0 > > thank you to remain me that i have still not do it.. > > Um. > > I'd like to mount /etc ro for security purposes, what's wrong with > /var/share/... ? >
/var/share is wrong by definition, it holds shared files and (in above example) certificate is not probably shared (each host has own). There is nothing wrong in having them in /etc. You generate them once, write into /etc and forget about it :-) -andrej
