From owner-freebsd-security  Mon Sep 28 02:39:15 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id CAA07910
          for freebsd-security-outgoing; Mon, 28 Sep 1998 02:39:15 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from gatekeeper.tsc.tdk.com (gatekeeper.tsc.tdk.com [207.113.159.21])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA07887
          for <freebsd-security@FreeBSD.ORG>; Mon, 28 Sep 1998 02:39:10 -0700 (PDT)
          (envelope-from gdonl@tsc.tdk.com)
Received: from sunrise.gv.tsc.tdk.com (root@sunrise.gv.tsc.tdk.com [192.168.241.191])
	by gatekeeper.tsc.tdk.com (8.8.8/8.8.8) with ESMTP id CAA06305;
	Mon, 28 Sep 1998 02:33:25 -0700 (PDT)
	(envelope-from gdonl@tsc.tdk.com)
Received: from salsa.gv.tsc.tdk.com (salsa.gv.tsc.tdk.com [192.168.241.194])
	by sunrise.gv.tsc.tdk.com (8.8.5/8.8.5) with ESMTP id CAA01897;
	Mon, 28 Sep 1998 02:33:24 -0700 (PDT)
Received: (from gdonl@localhost)
	by salsa.gv.tsc.tdk.com (8.8.5/8.8.5) id CAA03313;
	Mon, 28 Sep 1998 02:33:22 -0700 (PDT)
From: Don Lewis <Don.Lewis@tsc.tdk.com>
Message-Id: <199809280933.CAA03313@salsa.gv.tsc.tdk.com>
Date: Mon, 28 Sep 1998 02:33:22 -0700
In-Reply-To: Anton Voronin <anton@urc.ac.ru>
       "Re: Booting from NT ?" (Sep 28,  2:36pm)
X-Mailer: Mail User's Shell (7.2.6 alpha(3) 7/19/95)
To: Anton Voronin <anton@urc.ac.ru>,
        Allen Smith <easmith@beatrice.rutgers.edu>,
        freebsd-security@FreeBSD.ORG
Subject: Re: Booting from NT ?
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Sep 28,  2:36pm, Anton Voronin wrote:
} Subject: Re: Booting from NT ?
} Allen Smith wrote:
} 
} > Question... what does happen if one has a R/O root filesystem,
} > including /dev, without DEVFS? I'm constructing a firewall computer
} > with a (switchable - a nice facility of some Seagate drives) hard
} > drive for root, a second writeable drive for /var and swap, and a /tmp
} > MFS. What problems am I likely to run into with /dev? I'd really
} > prefer not to have it as a symlink to /var/dev or some such...

} It needs to write /dev/console but it does this before mounting according to
} fstab. If you protect your hard drive it probably won't work. Try to just
} mount it with -ro option.

That should not be a problem.  You should be able to write to /dev/console
or /dev/null even with a physically write-protected disk, because writes
to these devices don't require changing any of the bits on the disk.

Just be sure to mount the filesystem read-only as well, otherwise the
kernel will get upset when it tries to update the mtime on these devices
and can't because the disk is write-protected.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message