On Dec 27, 2013, at 5:49 PM, bruce <badoug...@gmail.com> wrote:

> Pete.
> 
> The 1st OS will be the os that gets run, it's the "master".. However
> if I detect that it's hacked, I want to be able to reinstall the OS.

What if the drive dies? What method are you going to use to get back up and 
running as soon as possible? And why is that method invalid for the hacked use 
case? Why wouldn't you have that drive imaged onto another drive, so that if 
the first one dies, you can replace it and be up and running quickly? 
Reinstalling is going to take a while and you have all sorts of unknowns that 
haven't been figured out. It sounds like a Rube Goldberg contraption that 
doesn't really meet the first requirement you have, and can't be easily 
repurposed for other failure cases. So it's a single use kitchen tool that also 
doesn't work very well. I think you need to rethink your approach.

> My approach is to have a 2nd minimal system/OS that has the only
> function to invoke a complete/fresh netinstall to restore/refresh the
> OS on the 1st system.

Nope, won't work. 1st system is compromised? The 2nd one must be assumed to be 
compromised.

> This allows the 1st OS/system to be completely restored, wiping out
> any remnants of the hacked process.

Which as I said before is almost certainly illegal destruction of evidence, you 
should be asking a lawyer about this.


> 
> At the same time, the master/2nd OS will periodically update/restore
> the minimal/1st OS by the 2nd OS/system. This process allows the
> system to be able to be refreshed as required, with a clean OS..

This makes no sense.


> 
> If you have a better approach, I'm open for discussion.

Well no, you chopped that part of the conversation out entirely, twice for me, 
no response to Edward's concerns along the same lines

Chris Murphy
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

Reply via email to