Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: [News] Windows Users Come to GNU/Linux, Resistance to Good Change Felt

Homer <usenet@xxxxxxxxxx> writes:

> Verily I say unto thee, that Mark Kent spake thusly:
>
>> I read an argument a few years ago arguing that all system files 
>> should normally be read-only, or even partitions should be set up so 
>> that most of the /boot /[s]bin /usr/[s]bin and so on were on a 
>> partition normally mounted re-only.
>
> That's been my standard practice for years, especially on servers that
> rarely get checked. It's also good practice to use nosuid and noexec,
> unless needed.

Total overkill IMO.

Simply do not give normal users any rights or group access to these
areas. As is normal. As for the noexec and nosuid - give me a break. Can
they "add" to security? Yes - but really necessary in a compromised
system? No. Since the person who has access as root can remount it
himself.


-- 
"What's wrong, (p)Rick?  Were you defending the innocence of Hans "The
Linux Butcher" Reiser, and now that he's about to give up the body
you're embarrassed at being an idiot?"
                  -- DFS <nospam@xxxxxxxx> in comp.os.linux.advocacy

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index