On Sun, Dec 16, 2007 at 05:52:08PM +0100, Indan Zupancic wrote: > What prevents them from mounting tmpfs on top of /dev, bypassing your fs? Or binding /dev/null over nodes they want to get rid of... > Also, if they have root there are plenty of ways to prevent an administrator > from logging in, e.g. using iptables or changing the password. Indeed. BTW, tmpfs with root marked append-only and populated in normal ways on boot would get a comparable effect without spending so much efforts. Still won't really help if attacker gains root, but then neither will your variant. - To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
