Re: read only root file system

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Filipe Brandenburger wrote:
> Is there a way to force the OS to see a SCSI disk or partition as a
> "ro" blockdev like this? Nobody who doesn't have physical access
> cannot write to the root filesystem. And yet you might be able to
> reboot the machine (in "rw" mode, maybe another entry in grub menu?),
> do your updates, and reboot the machine again turning it read-only. It
> would be very useful indeed from the security point of view.

Quite a few HBA's which have out-of-band management interfaces will let
you do something like this, even let you take a single disk collection,
carve it up into volumes, and set read/write acl's per volume.

-- 
Karanbir Singh : http://www.karan.org/ : 2522219@icq
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux