On 01/08/06, Erik Nørgaard <[EMAIL PROTECTED]> wrote:
You usually don't patch up your system everyday. Remount rw do the
patching and remount ro. The problem is more that some 3rd party applications assume that /usr is writeable. I found the problem more annoying with / whenever I need to change some system file.
I still disagree. The base OS files which need protecting are already protected sufficiently. If you don't agree with this then simply remounting ro is not sufficient. Only with elevated securelevels would this be useful. Else, anyone who gets root on the box can simply remount rw and do what they will. However, most important is to have /tmp on a separate partition. Then
there will only be few writes on /.
Except for useful things like installing additional software. That is something I do do regularly. I think it is very valuable to get the system up so I can rescue my
data. Having base system go down along with my data doesn't seem to have any clear advantages
Mounting / and/or /usr ro will get your systems up faster and that
seemed to be the issue.
You made the point with reference to security, not system recovery. That is what I am contradicting. Cheers, Erik
Cheers, Frem. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"