Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 26 Jun 2004 10:44:22 +0100
From:      Matthew Seaman <m.seaman@infracaninophile.co.uk>
To:        MICSKO Viktor <candiru@bazmag.hu>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: setting a disk read only
Message-ID:  <20040626094422.GA73314@happy-idiot-talk.infracaninophile.co.uk>
In-Reply-To: <Pine.BSO.4.58L0.0406260220270.27354@bazmag.sch.bme.hu>
References:  <Pine.BSO.4.58L0.0406260220270.27354@bazmag.sch.bme.hu>
next in thread | previous in thread | raw e-mail | index | archive | help 

--HlL+5n6rz5pIUxbD
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Jun 26, 2004 at 02:38:28AM +0200, MICSKO Viktor wrote:

> Is it possible to setting a *whole* disk read only? I mean the way linux
> does it with "hdparm -r 1 device". So adding an -o ro parameter to mount
> isn't enough, I want to be sure that the disk is unmodified.
>=20
> (I have to access an existing raid of 8 disks using vinum without any
> modified bit, because of the highly sensitive data. Any idea doing this
> absolutely securely is welcome too)

Hmmm... SCSI disks can be physically jumpered to be read-only.  I
should think that ATA drives can be treated the same way.  Consult the
manufacturers' data sheets for details.

One point about doing this: if you make the disk physically read-only,
it will work well when mounted read-only on the system.  However, I'm
not so sure what would happen if you accidentally mounted the drive
read-write.  Best case is that the system would refuse to mount the
drive rw: either failing and emitting an error, or complaining and
automatically flipping the mount flags to ro.  Worst case is that
everything will apparently work perfectly fine until the system
attempts to do a write, at which point it will freeze or blow up.  You
might want to test out what happens on a scratch system.

	Cheers,

	Matthew

--=20
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK

--HlL+5n6rz5pIUxbD
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)

iD8DBQFA3UV2iD657aJF7eIRAq8UAJ4yPsZY5TSKVuq7fTdUc4sBPXknQACePKEr
aA2+O/oBKHWB4ylMQ2FFQR4=
=BQHM
-----END PGP SIGNATURE-----

--HlL+5n6rz5pIUxbD--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040626094422.GA73314>