"Karsten W. Rohrbach" <[EMAIL PROTECTED]> wrote:
> there are some real high-impact tweaks to be a little bit safer from
> rootkits. one of them is mounting /tmp noexec. drawback: you got to
> remount it exec for make installworld.

 I always wondered... Why are remounts permitted in all securelevels? I
mean, in a locked-down system where it's acceptable to force a reboot in
order to upgrade (or run a rootkit), I should be able to enforce read-only
mounts. Currently anyone (well, root) can just mount -u -w them.

 Is this an implementation problem in mount(2)? (I haven't looked at the
code). Or is this going to break things for people (amd? in high
securelevels?). What am I missing?
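
Because root can remount with mount -u -w, as the message notes, one defensive check is to compare the live mount options against what /etc/fstab asks for and flag any lost restriction. This is an added example, not part of the original thread; it assumes the live listing is in fstab(5) layout (the format FreeBSD's `mount -p` prints), and the device names and options in the sample are constructed.

```shell
#!/bin/sh
# Added example: report mount points whose live options have lost a
# restriction (ro, noexec, nosuid) that the fstab file asks for.
# Both inputs use fstab(5) layout: device mountpoint fstype options dump pass.

mount_drift() {   # usage: mount_drift FSTAB_FILE LIVE_FILE
    awk '
        /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
        NR == FNR { want[$2] = $4; next }     # first file: intended options
        ($2 in want) {                        # second file: live options
            n = split(want[$2], w, ",")
            for (i = 1; i <= n; i++) {
                if (w[i] != "ro" && w[i] != "noexec" && w[i] != "nosuid")
                    continue                  # only restrictions matter here
                if (index("," $4 ",", "," w[i] ",") == 0)
                    print "DRIFT " $2 " missing " w[i]
            }
        }
    ' "$1" "$2"
}

sample_run() {    # constructed sample data, not taken from a real host
    d=$(mktemp -d) || return 1
    cat > "$d/fstab" <<'EOF'
# Device      Mountpoint FStype Options           Dump Pass
/dev/ad0s1a   /          ufs    rw                1 1
/dev/ad0s1e   /tmp       ufs    rw,noexec,nosuid  2 2
/dev/ad0s1f   /usr       ufs    ro                2 2
EOF
    # Live state after someone remounted /tmp exec and /usr read-write.
    cat > "$d/live" <<'EOF'
/dev/ad0s1a   /          ufs    rw                1 1
/dev/ad0s1e   /tmp       ufs    rw,nosuid         2 2
/dev/ad0s1f   /usr       ufs    rw                2 2
EOF
    mount_drift "$d/fstab" "$d/live"
    rm -rf "$d"
}

sample_run
```

On a real host the second argument would be a file holding the output of `mount -p`; run from cron, any DRIFT line is worth an alert.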
