On Mon, 9 May 2005, R. Armiento wrote: > Good point. But if you have put everything else that requires write > access in separate partitions (eg., /var, /tmp) perhaps one can mount > the whole '/' filesystem read-only? I have never tried that, but if you > mount /usr read-only to protect your binaries, one would think that you > should want to protect your /bin and /sbin binaries in a similar way?
you cannot use the same scheme /bin and /sbin ( /lib ) are needed to boot .. before it goes around mounting stuff unless oyu have a special statically linked binaries in /boot where booting starts from on the boot media ( fd, cd, cf, usb, .. even your hd ) /bin and /sbin should already be "protected" as root.root and 755 but /sbin should probably be 750 ... no user access googlezillion ways to protect your system and data read only stems is nice.. but you can get around it too depending on which "read only" method you used ---- if one is super paranoid about the "three letter agencies" finding stuff ... encrypt ( with 4096bit keys ) everything in your files c ya alvin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
