* Tarjei Huse <[EMAIL PROTECTED]> [031009 10:55]: > The Securing Debian manual suggest one should set the /usr partition to > ro and use remount when you install new programs. > I was just wondering how much security one gains with this.
I do not think one gets much security out of it. I think the most security one gets by this is that this way /usr has no chance to go corrupt when de power supply fails and less possible corruption make it less propable that a corruption helping an attacker accours. On the other hand if you then forget to remount it rw when updating packages this may corrupt your system helping an attacker in. On the other hand one should not over-estimate the inteligence of script-kiddies. Even those writing the scripts tend to be lousy programers, from what I have seen. Hochachtungsvoll, Bernhard R. Link -- Sendmail is like emacs: A nice operating system, but missing an editor and a MTA.
