Do we care about /sbin /bin linked to /usr/lib ?
Michael Stone
michael at laptop.org
Fri Sep 26 23:32:27 UTC 2008
On Fri, Sep 26, 2008 at 10:34:35AM -0500, Chris Adams wrote:
>Once upon a time, Bill Crawford <billcrawford1970 at gmail.com> said:
>> Long term, I'll admit that getting rid of separate /usr may be a good idea,
>> Solaris appears to have done away with it a while ago (which surprised me,
>> since they used to make explicit provision for having shared /usr in their
>> package management system).
>
>I use a separate (but not shared) /usr on my servers, and I mount it
>read-only. My reasoning is that / has to be read-write still for some
>things (root's home directory, /etc/passwd and /etc/shadow, etc.). I
>keep a small / that is read-write, but having a good chunk of the
>installed stuff in /usr mounted read-only makes it a little "safer"
>(i.e. an attacker would have to remount it to modify it, filesystem
>corruption is unlikely on a read-only FS, etc.).
I'll mention in passing that OLPC is both extremely interested in (and
well on its way) to shipping something rather like a read-only / as part
of our security and update schemes. (The weasel words are due the fact
that, in our design, we chroot through a symlink tree at boot in order
to permit easy atomic OS updates and use both file-mounted tmpfsen and a
custom NSS module to deal with the small number of writes that still
must be permitted.) Anyway, suffice it to say that I'd enjoy hearing
more about your progress toward a read-only / as you make it.
Regards,
Michael
More information about the fedora-devel-list
mailing list