Do we care about /sbin /bin linked to /usr/lib ?

[Chris Adams]

Once upon a time, Colin Walters <walters at verbum.org> said:
> On Fri, Sep 26, 2008 at 11:34 AM, Chris Adams <cmadams at hiwaay.net> wrote:
> > I use a separate (but not shared) /usr on my servers, and I mount it
> > read-only.
> 
> I suggest using SELinux (if you're not already) instead; it provides
> far stronger security than messing with the filesystem layout ever
> can.

Since you snipped my reasons, can you explain how SELinux protects
against accidental filesystem corruption?
-- 
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.