Bugtraq mailing list archives
Re: permissions
From: shipley () merde dis org (Evil Pete)
Date: Wed, 18 May 1994 18:09:15 -0700
this way there is not place to install a setuid program/backdoor and most of the system binaries are on a readonly partition.That is a good point. The only problem with making /usr/local readonly is that one must bring the system down to single user to install or update anything, so there would be a tradeoff. Still, being aware of that option, one can make an informed decision whether making local ro is desired. Your partition arrangement above is EXACTLY like mine other than the ro and nosuid options, and order of mounting: /, /usr, /tmp, /usr/local, /var, home.
you can use the command
mount -oremount,rw /usr
to make /usr read/writeable but you will have to reboot to reset
the readonly feature.
Current thread:
- The ISS Program, (continued)
- The ISS Program Paul Robinson (May 10)
- wolves and sheep on the inet Timothy Newsham (May 11)
- Re: wolves and sheep on the inet Gene Spafford (May 13)
- Re: wolves and sheep on the inet Steve Simmons (May 13)
- permissions Perry E. Metzger (May 16)
- Re: permissions Pat Myrto (May 16)
- Re: permissions Evil Pete (May 17)
- Re: permissions Pat Myrto (May 17)
- Re: permissions Gene Spafford (May 17)
- Re: permissions Evil Pete (May 18)
- Re: permissions Evil Pete (May 18)
- [8lgm]-Advisory-7.UNIX.passwd.11-May-1994.NEWFIX [8LGM] Security Team (May 13)
- iss equivalents *Hobbit* (May 11)
- Source vs. binary for tools Jeremy Epstein -C2 PROJECT (May 12)
- runaway lockd problems (SunOS 4.1.3) Pat Myrto (May 12)
- [8lgm]-Advisory-7.UNIX.passwd.11-May-1994 [8LGM] Security Team (May 12)
- Re: [8lgm]-Advisory-7.UNIX.passwd.11-May-1994 Pat Myrto (May 13)
- Re: [8lgm]-Advisory-7.UNIX.passwd.11-May-1994 Gene Spafford (May 13)
- Re: Time For New Security Package? (was Re: new iss stuff) Mark (May 10)