I gotcha.
My problem is I'm always wanting to do updates remotely
and wouldn't want users to have to flip a switch or God forbid reboot.
But a compact flash can be pulled after booting to ramdisk without
harm. That's pretty write protected. Problem is to get access to it
again you'll have to power down.
I would be more interested in a heavily software protected mount,
dd, etc. If these commands were 400 and could only be accessed
via a very secure sudo like thingy. I mean even root could not get to
then without getiing past security. Maybe that's impossible ???
Oh yeah, if you want to solder, break into your IDE cable and run the
write enable thru a switch (don't ask me). If you're clever you might
even not bring the drive down. That would be cool.
Matt Schalit <[EMAIL PROTECTED]> on 04/01/2002 03:14:30 PM
To: Phillip Watts/austin/Nlynx@Nlynx
cc: [EMAIL PROTECTED]
Subject: Re: [Leaf-user] ssh firewall
[EMAIL PROTECTED] wrote:
>
>
>
>
>
>
> Matt Schalit <[EMAIL PROTECTED]> on 03/30/2002 10:22:44 PM
>
> To: [EMAIL PROTECTED]
> cc: (bcc: Phillip Watts/austin/Nlynx)
>
> Subject: Re: [Leaf-user] ssh firewall
>
>
>
> 4) hardware protectable IDE Flash disk module
>
> Explain this one , please .
A mass storage device for a firewall preferrably would
have a way to write protect it. A floppy diskette for
instance has the little tab that you slide into position.
This can not be circumvented by software tricks, ie can't
be circumvented by a potential hacker.
Currently, only a floppies and tapes have hardware write
protect, iirc.
A lot of developers have been keen to gain mass storage
capacity at low cost, but are hampered by a lack of hardware
write protect on hard drives and flash storage.
Mike Noyes picked up an ADM, a flash storage IDE Disk Module,
which was under $20 for 8 MB. It plugs into your ide plug.
If it only had a micro switch on it for write protect, we
would have glory. Four of us got together in San Francisco
a couple of weeks ago at the Linux Embedded Systems Conference
to track down vendors and look for a solution.
For all the details, read the leaf-devel archives thread
called "ADM write protect" and perhaps the earlier one,
"CF (write protect) + IDE adapter" both posted at the
beginning of February.
The current problem is that the ADM is so small that
soldering in a switch to those micro sized surface
mount contact points is looking very tough.
Regards,
Matthew
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
