On Sun, Jan 06, 2019 at 09:13:26PM +0300, Lev Olshvang wrote: > > Hello all, > > I am trying to harden the embedded system. Please define exactly what you mean by "harden". > Is it possible and safe to mount /proc file system in a read-only mode and how to do this? Why would you want /proc to be read-only? What is that going to protect you from? What is insecure in there as-is? > I have embedded system with systemd where /proc is mounted rw. Odds are your system needs this that way. If not, then why mount proc at all? Why not just disable the proc filesystem from your kernel entirely and not even worry about it at all? thanks, greg k-h _______________________________________________ Kernelnewbies mailing list Kernelnewbies@xxxxxxxxxxxxxxxxx https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
