On 01/08/06, Erik Nørgaard <[EMAIL PROTECTED]> wrote:

You usually don't patch up your system everyday. Remount rw do the
patching and remount ro. The problem is more that some 3rd party
applications assume that /usr is writeable. I found the problem more
annoying with / whenever I need to change some system file.



I still disagree. The base OS files which need protecting are already
protected sufficiently. If you don't agree with this then simply remounting
ro is not sufficient. Only with elevated securelevels would this be useful.
Else, anyone who gets root on the box can simply remount rw and do what they
will.

However, most important is to have /tmp on a separate partition. Then
there will only be few writes on /.


Except for useful things like installing additional software. That is
something I do do regularly.

I think it is very valuable to get the system up so I can rescue my
data. Having base system go down along with my data doesn't seem to have
any clear advantages



Mounting / and/or /usr ro will get your systems up faster and that
seemed to be the issue.


You made the point with reference to security, not system recovery. That is
what I am contradicting.

Cheers, Erik


Cheers,
Frem.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to