On Wed, 09 May 2007 15:49:45 -0600, darren kirby wrote: > I have heard you can use a separate /usr to enhance security by > mounting it readonly under normal circumstances. This way, bad guys > can't mess with your binaries in /usr/bin and /usr/sbin,
Instead of only being able to get at the really important stuff in /bin and /sbin? > I do have a separate /usr, but do not mount it readonly, as I --sync > enough to make remounting it daily rather annoying. 1) Use a script to remount /usr, sysnc, remount /usr 2) Much better, use a separate filesystem for /usr/portage (or put it on /var) 3) Better still, http://gentoo-wiki.com/TIP_Speeding_up_portage#Make_A_Sparse_File_to_create_portage_in -- Neil Bothwick "One World, One Web, One Program" - Microsoft Promotional Ad "Ein Volk, Ein Reich, Ein Fuhrer" - Adolf Hitler
signature.asc
Description: PGP signature
