On 2003-12-01, Karsten M. Self <[EMAIL PROTECTED]> wrote:
>> Show me a good reason to separate /boot to a separate partition at
>> all. What's the extra security we get out of this?
>
> The kernel file itself isn't available to be mucked with, until _after_
> the cracker gains shell, gains root, and remounts the partition.

And how is the kernel file available to be mucked with before the cracker gains shell and root, if the kernel file is on the root partition and -rw-r--r-- root.root ? Show me a situation where this would be possible.

> If your kernel is on physically nonwritable media, this means that you
> have, at least, a chance at having a trusted kernel on the system at
> reboot.

-- 
Miernik