Re: read-only storage media

From: Will H. Backman (whbceimaine.org)
Date: Fri Jul 01 2005 - 10:23:07 CDT


Kernel security levels may do what you want with less hassle. The machine
would need a reboot before they can be lowered.

See man page (7) for securelevel

> -----Original Message-----
> From: owner-miscopenbsd.org [mailto:owner-miscopenbsd.org] On Behalf Of
> Matt Garman
> Sent: Friday, July 01, 2005 11:06 AM
> To: OpenBSD Misc
> Subject: read-only storage media
>
> Is there any kind of storage media that can be set as read-only, and
> only reset to read and write by physical access?
>
> I'm thinking about something like the (seemingly ancient) 3.5"
> floppy disks that had that little "switch" you could use to set the
> disk to read only.
>
> Are there any hard drives that have a similar kind of feature?
>
> I'm thinking that this would be nice for a firewall machine: if the
> machine was compromised, it still couldn't be modified (i.e.,
> volumes mounted read only can always be remounted read-write if the
> machine is root compromised).
>
> I'm thinking that I could burn a CD-R (and re-burn it whenever
> there's a configuration change), but it seems like the system might
> have a lot of latency and the CD-ROM drive might prematurely fail.
>
> Any thoughts?
>
> Thanks,
> Matt
>
> --
> Matt Garman
> email at: http://raw-sewage.net/index.php?file=email
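
The reply above points to securelevel(7). As an added example that is not part of the thread: a raised securelevel only protects files that carry the system-immutable flag (`schg`, set with chflags(1)), so this sketch audits a listing for files root could still modify. The function names, the sample listing and the reliance on BSD `ls -lo` column layout are assumptions of the example.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes BSD `ls -lo` layout: field 5 is
# the file-flags column ("-" when none), the last field is a path without spaces.
# On a real OpenBSD host one would feed it with:
#   ls -lo /bsd /etc/pf.conf | audit_immutable "$(sysctl -n kern.securelevel)"

# Constructed sample listing (not captured from a real host).
sample_listing() {
    cat <<'EOF'
-rwx------  1 root  wheel  schg  9876543 Jun 30 09:12 /bsd
-r-xr-xr-x  1 root  bin    schg,nodump  413696 Jun 30 09:12 /sbin/pfctl
-rw-------  1 root  wheel  -  1024 Jul  1 08:00 /etc/pf.conf
EOF
}

# audit_immutable LEVEL -- reads `ls -lo` lines on stdin, prints one finding
# per line, and returns 0 only when there is nothing to report.
audit_immutable() {
    awk -v level="$1" '
        BEGIN {
            bad = 0
            # Below securelevel 1 root can clear schg, so the flag is advisory.
            if (level + 0 < 1) {
                print "WEAK securelevel=" level " (flags can be cleared)"
                bad = 1
            }
        }
        NF >= 10 {
            # The flags column is a comma-separated list; look for schg in it.
            n = split($5, flags, ",")
            immutable = 0
            for (i = 1; i <= n; i++)
                if (flags[i] == "schg") immutable = 1
            if (!immutable) { print "UNPROTECTED " $NF; bad = 1 }
        }
        END { exit bad }
    '
}

# Demo run on the constructed listing at securelevel 1.
sample_listing | audit_immutable 1 || echo "findings listed above"
```
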