On Fri, Feb 08, 2002 at 02:57:44PM -0800, Mike Sensney wrote: > At 09:29 AM 2/8/2002 -0600, guitarlynn wrote: > ... > >In other words, how many folks have said: "Can I run LEAF on a > >harddrive (IDE)". We say, "you can, but it is a security risk compared > >to a floppy". What would it mean to be able to say: "You can use a hd, > >but if you want it as secure as the floppy, a $10-20 add-in IDE module > >is available here (link)." I think a lot of people would find this > >useful, IMHO, or maybe I'm thinking too hard and flogging a dead dog! > > A simple question: > > What if during the initial boot process you mount your hard disk as a > read-only device then delete the mount command? Would this be sufficient > protection for a HD? (i.e. Is there any other program that could be used > to remount the HD?) > > Saving config changes could be handled by mounting a config floppy during > the init process that never gets umounted during normal operation.
>From my point of view, i would like to put my config data on a flashdisk or a harddisk as i do not trust floppies very much. What i would like to have is a switch connected or whatever that lets me physically enable write protection on the fly and not only at boot, cause i want to be able to update my system without the need to reboot. I just don't know how to do this for now, but that's my personal goal. So the router is protected as long as the switch is on "write protection", if i change something i have to physically press a switch on this machine... Only achieving protection for the hd could be done using other methods, maybe, like looking for a way to let linux only mount it read only in the kernel or whatever (maybe use grsecurity massivly or LIDS). But i used the Flashdisk cause i wanted to get rid of the floppy drive... So maybe there are different needs out there. --arne _______________________________________________ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
