Date: Thu, 8 Feb 2001 23:03:15 -0800
From: "Crist J. Clark" <cjclark@reflexnet.net>
To: wlodek <wlodek@infoserve.net>
Cc: security@FreeBSD.ORG
Subject: Read-Only Partitions Again (was Re: Hi)
Message-ID: <20010208230315.R91447@rfx-216-196-73-168.users.reflex>
In-Reply-To: <000b01c091f8$fed0fd40$1f1652d1@timberauctiononline.com>; from wlodek@infoserve.net on Thu, Feb 08, 2001 at 09:59:31AM -0800
References: <000b01c091f8$fed0fd40$1f1652d1@timberauctiononline.com>

On Thu, Feb 08, 2001 at 09:59:31AM -0800, wlodek wrote:
> Hello
> I was wondering if you can help me in mounting the FreeBSD in read-only mode
> I will need two scenarios one only for two DNS server and one for Http
> server:
> Here is what I need to know
> Which file shall I absolutely move to read-write partition?
> I will have three very small HD with task as follow
> 1 only swap partition r-w
> 2 files system and binaries r only HD
> 2 user file r-w but not execute.
> Questions are
> Which files from the binaries and file system shall I move (and do symbolic
> link) on to writable partition?
> The above will probably have some variations for apache machine and for bind
> machine

You will want a writable /var partition. Make everything else on the
system a read-only root partition (put what is often broken up into /
and /usr in this one partition). If you are changing your zones or
webpages with any regularity, you may either want a partition for that
or if there is not a lot of space involved, put it on /var too. Also,
remember that if your machine is a secondary, you need to write the
zone files somewhere.

The real trick with having a read-only root partition is how to deal
with /dev. Depending on how you use the box, you may be able to get
away with a read-only /dev, but it can break things. There are ways to
hack around this if you need to.

After I've gone to all that trouble to tell you how to do it, I should
point out that mounting partitions read-only is not really a security
feature. There is no way to prevent root from changing a read-only
mount to read-write (with one very, very ugly exception) if the disk
is not write protected at the hardware level. And if we are talking
about partitions on the same disk, you cannot have some read-only and
some read-write partitions with a hardware read-write protect.

And after that, I'll tell you I made a really, really trivial hack to
the kernel code so that the mount(2) call is deactivated at raised
securelevels which does make read-only mounts a security feature. If
you can't find it in the archive, I can dig it up.

--
Crist J. Clark                           cjclark@alum.mit.edu

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
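
Added example (not part of the original message and not FreeBSD project code): because the message notes that root can change a read-only mount back to read-write, a periodic check of `mount` output can at least detect drift from the intended layout. It assumes FreeBSD's `device on mountpoint (type, flags)` output format, /var as the only writable UFS partition, and noexec on writable partitions as the question asks; the function names, device names and sample lines are constructed.

```sh
#!/bin/sh
# Added example: compare FreeBSD `mount` output with the intended layout.
# Arguments: mount points allowed to be writable (assumption: /var only).
# Real use: mount | audit_mounts /var
audit_mounts() {
    awk -v allowed=" $* " '
    # Expected line shape: /dev/ad0s1a on / (ufs, local, read-only)
    / on .* \(.*\)$/ {
        mp = $3
        opts = $0
        sub(/^.*\(/, "", opts)
        sub(/\)$/, "", opts)
        n = split(opts, o, /, */)
        if (o[1] != "ufs") next        # disk-backed filesystems only
        ro = 0; noexec = 0
        for (i = 2; i <= n; i++) {
            if (o[i] == "read-only") ro = 1
            if (o[i] == "noexec") noexec = 1
        }
        if (ro) next                   # read-only mounts match the plan
        if (index(allowed, " " mp " ") == 0) {
            print "WRITABLE " mp; bad = 1        # should have been read-only
        } else if (!noexec) {
            print "NOEXEC-MISSING " mp; bad = 1  # writable but executable
        }
    }
    END { exit (bad ? 1 : 0) }'
}

# Constructed sample input: the intended layout, and one that has drifted.
sample_mounts() {
    if [ "$1" = drift ]; then
        cat <<'EOF'
/dev/ad0s1a on / (ufs, local)
/dev/ad2s1e on /var (ufs, local, nosuid)
procfs on /proc (procfs, local)
EOF
    else
        cat <<'EOF'
/dev/ad0s1a on / (ufs, local, read-only)
/dev/ad2s1e on /var (ufs, local, noexec, nosuid)
procfs on /proc (procfs, local)
EOF
    fi
}

sample_mounts drift | audit_mounts /var || echo "layout drift detected"
```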