Hello all, I am trying to harden the embedded system. Is it possible and safe to mount /proc file system in a read-only mode and how to do this? I have embedded system with systemd where /proc is mounted rw. I suspect that systemd mounts it when it bebgns to bootsrtap user space. On my currently idle and small embedded board and on QEMU I was able to remount /proc read-only. But when I changed fstab to mount it as a read-only it is still mounted rw,relatime after reboot. So who mounts it first ? Is it hardcoded in systemd when it starts process of PID 1 or in a kernel? Regards, Lev _______________________________________________ Kernelnewbies mailing list Kernelnewbies@xxxxxxxxxxxxxxxxx https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
