*BSD News Article 49147


Return to BSD News archive

Newsgroups: comp.unix.bsd.misc,comp.unix.bsd.bsdi.misc
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!simtel!news.kei.com!news.mathworks.com!newsfeed.internetmci.com!news.sprintlink.net!in2.uu.net!spcuna!wlbr!sms
From: sms@wlv.iipo.gtegsc.com (Steven M. Schultz)
Subject: Re: Circumventing immutable file protections
Sender: news@wlbr.iipo.gtegsc.com (System Administrator)
Organization: GTE Government Systems, Westlake Village
Message-ID: <DD4v3C.I6K@wlbr.iipo.gtegsc.com>
References: <DCvE8s.15A@candle.pha.pa.us> <4095br$3tj@kragar.kei.com> <409qef$t3n@Germany.EU.net>
X-Nntp-Posting-Host: wlv.iipo.gtegsc.com
Date: Fri, 11 Aug 1995 06:23:35 GMT
Lines: 15
Xref: euryale.cc.adfa.oz.au comp.unix.bsd.misc:163 comp.unix.bsd.bsdi.misc:622

In article <409qef$t3n@Germany.EU.net>,
Bernard Steiner <bs@Germany.EU.net> wrote:
>
>Note: making / ro is actually possible *if* you have a seperate /var, a
>seperate /tmp *and* provide appropriate soft links such as
>/dev/log -> /var/dev/log so that syslog works. I tried this once, and the
>system continued nicely. I don't see why / should be read-write...

	Ever change your password while / was mounted ro?  Uh, me thinks
	passwd will throw a fit at not being able to change /etc/passwd
	and associated files.  Hmmm, now we need a rw copy of /etc which
	is where any cracker is likely to concentrate anyways...

	Steven Schultz
	sms@wlv.iipo.gtegsc.com