On Mon, 12 Nov 2001, David Nicol wrote: > Phil wrote: > > > > On Fri, 9 Nov 2001, David Nicol wrote: > > > > > Phil wrote: > > > > > > > > You could have an absolute symbolic link in your read-only /etc to > > > > > a place you know will be read-write, for instance /dev/shm/etc/... > > > > > > > > > > > > > This won't work for files that are used as flags (/etc/nologin) or > > > > even files that are modified by a moving them and creating > > > > new ones. > > > > > > these could be worked around > > > > how ? > > You might have to patch the application that uses the file. Flag files > could be tested for readability rather than existence, for instance, or > tested for existence with a follow-symlinks option.
That is exactly the point ! I can patch everything without any problem on my machine. But my dream is that everybody fix his own stuff so that everyone can have a read-only /etc out of the box. And for my dream to become real, I need to patch LSB ;) Well, at least I'm trying hard ;) Cheers ! -- Philippe Biondi <pbi@ cartel-info.fr> Cartel Informatique Security Consultant/R&D http://www.cartel-info.fr Phone: +33 1 44 06 97 94 Fax: +33 1 44 06 97 99 PGP KeyID:3D9A43E2 FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2
