Hi Carl! Well, yes, I guess that would in deed be a very secure solution, but not very easy to administrate. Having a read-only root partition requires quite some work, although there are probably some good HOWTOs out there, describing the nesseccary steps. Another problem is that your read-write area doesn't survive a reboot, so stuff like logfiles (well, you can log to another machine) or squid caches (if you have that) are lost. In short: certainly doable, but IMHO not worth the hassel. Regards, Florian Kirchmeir Carl Albert Schreiber wrote:
Hi Florian & all the others,
additionally to what you said, wouldn't it be a good solution to have: one harddisk (or 2 raid..?) 'writeprotected' with alle the Linux- and the Firewall Stuff and another harddisk or just a old fashion Ram-Disk for all the folders, where the system and/or the programs and services are going to write and to strore in (probably bad english, sorry) With a cron this writeable disk has to be taken care of reguarly, which should be no problem.
Would such a system be a problem or would it be may be saver than the normal way? I'm asking because from my viewpoint it is save and I think it should be the 'default structure', no?
Carl