On Thu, Apr 24, 2014 at 10:57:39AM +0800, Paul Wise wrote:
> I have written a non-exhaustive list of goals for hardening the Debian
> distribution, the Debian project and computer systems of the Debian
> project, contributors and users.
> If you have more ideas, please add them to the wiki page.

Would a read-only root filesystem goal be feasible ? Might not be by default, 
but this helps a bit, and it may even prevent root from breaking things by 
accident. I don't know if this can be considered a security feature, though, 
but probably in some way.
https://wiki.debian.org/ReadonlyRoot

I have been using my main debian server for few years with a read-only /, and 
the only annoying thing is the 'mount: / is busy' issue after an apt-get update 
phase, but otherwise things are fine.


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140607133147.GA16674@proliant.localnet

Reply via email to