Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Subject: Re: ro hd
From: Ricardo Sediyama (neronSAVENET.COM.BR)
Date: Wed May 03 2000 - 11:43:10 CDT
- Next message: pmspPOLI.ORG: "Encryption (paranoia)"
- Previous message: r.maurizziGVS.IT: "Re: ro hd"
- In reply to: sigippWELLA.COM.BR: "ro hd"
- Next in thread: sigippWELLA.COM.BR: "Re: ro hd"
- Reply: Ricardo Sediyama: "Re: ro hd"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
-----BEGIN PGP SIGNED MESSAGE-----
If you want to really lock some directories in (like /bin, /sbin,
/etc), you can try the lids (Linux Intrusion Detection System) kernel
Patch, this Patch will allow you to make some files ready-only or
only append permited (for log files).
You can find lids in www.lids.org. Try it ;-)
- -----Original Message-----
From: Focus on Linux Mailing List
[mailto:FOCUS-LINUXSECURITYFOCUS.COM]On Behalf Of
Sent: terįa-feira, 2 de maio de 2000 11:45
Subject: ro hd
Iīm quite new to the whole security thing, so if this idea sounds
Itīs just an idea. Many exploits normally result in changing some
files. So what if these files would be read only? And what if those
be really read only? I mean physically?
There are several directories which contain files which on normal
should never be written (exept for upgrading). These include /bin,
and /boot. These could all be on one hard disk, while others (/var,
the like) could be on another hard disk. And now the idea/question:
have an idea or an information on how to disable writing (on IDE
be this needs to cut off one wire and/or tie it to ground or some
(+5V?). Or are there disks on the market which have some jumper for
O.k., i donīt want to lock me out, so i would enable/disable that
with a key
from outside. May be the never used keyboard disable key.
Well, just an idea.
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com>
-----END PGP SIGNATURE-----