On 2018-11-22 14:55, Alessandro Selli wrote:
On 22/11/18 at 16:25, Didier Kryn wrote:
Le 22/11/2018 à 13:25, Alessandro Selli a écrit :
chown -R a-w /bin
chown -R a-w /sbin
chown -R a-w /lib
Sorry, I meant chmod.
Mounting read-only isn't more secure than marking a directory
read-only. root can change it anytime in a single command.
Do you think root cannot change anytime file's permissions on the
filesystem?
Of course it adds security to the system, because if the filesystem
was mounted ro root HAS to remount it rw in order to be able to do
changes on the filesystem. Should you only change file's permissions
you have NOT protected anything, because I inform you, on any Unix,
since the dawn of Unix time, ROOT CAN DO WHAT IT WANTS REGARDLESS OF
FILE PERMISSIONS!
Didn't you know this? Whom am I debating with, a Windows sysadmin, a
full time Valve gamer, a systemd developer?
You are again blockheadedly ignoring the fact that read-only is *NOT*
the only setting that make sense changing on the /usr filesystem!
There
are several, and I already *twice* listed a few of them: nobarrier,
noatime, iversion, nodev, etc etc.
Do you know so little of filesystem management or are you trolling?
It seems you missed this good advice from Roger Leigh:
"Let me begin by stating that I found your reply (and others) to be
rude, unnecessarily aggressive, and lacking in well-reasoned objective
argument. It's poor communication like this which caused me to
unsubscribe from the Debian lists, and also to this list a good while
back (I only read the digest summary on occasion, and rarely
participate). I find it fosters an unfriendly, unpleasant and
unproductive environment which I don't enjoy working in. When you're
doing this type of work as a part-time volunteer, it's extremely
demotivating and disheartening to be treated this way. It would be
unacceptable in a professional setting, and it's equally unacceptable
here. Please do think about what you have written before sending it; it
costs nothing to be nice, even when you are in disagreement with
someone."
PThere is no need to be rude and insulting (often repeatedly). That
goes for everyone of us.
golinux
_______________________________________________
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
