As devfs is running by default, it seems to me that
it would be relatively easy to run with a readonly
root partition, assuming that the directories under
which writing is necessary (ie; /tmp, /var, /home)
are located in separate, writable partitions.
The main advantages are that none of the configuration
files or binaries in /etc and /usr (which may still
/etc is rather writable - for example when user changes password.
be on a separate readonly partition) are vulnerable
and the boot process update to /etc/motd). Once these
have been rectified by relocating the files and setting
up symlinks, there have been no problems.
My questions are:
- does anyone else do this?
no that - but i do this on my liveDVD
- if not, why not?
if you will set securelevel to prevent umounts - it may add much to the
but - the same time - you'll have to reboot system to change anything!
email@example.com mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"