[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [SLUG] File system on CD



On Wed, 20 Jun 2001, Peter McCarthy wrote:

> Just wondering if anyone out their has managed to make their Linux box truly
> bullet proof by placing the file system onto a CD.
> I know it might make it a bit inflexable, but I was thinking it must be a great
> way to make your box hack proof.
> Or is this idea just plain stupid ?

It's not stupid - it's been suggested before - but it's certainly
untenable.

You can never have a completely "read-only" unix box. If nothing else, you
need swap space, and space for temporary files - most likely you'd also
need writable home directories, and possibly a couple of others {logs,
mail spool etc}.

Having said this, you *could* put the bulk of the executables etc onto a
CD, and boot from it, leaving only the home directories etc writable -
it'd be hard to update {you'd basically need to keep an identicle, non
production box to make an image from}, and you'd either have to hard code
your /home etc partitions onto the CD for auto-mounting, or manually mount
them once the box starts up.

Since the passwd file would also be on a read only file system, you'd have
to either use a generic account, or create all your users and set their
passwords before writing the CD.

I believe there's at least one distribution which does a "live filesystem
cd" type of setup - stuffed if I can remember which one, though.

DaZZa


-- 
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug