Mailinglist Archive: opensuse-security (343 mails)

< Previous Next >
Re: [suse-security] Re: Newbie firewall installation question
  • From: Florian Kirchmeir <kflorian@xxxxxxxxxxxxxxxxxx>
  • Date: Mon, 16 Jul 2001 17:47:26 +0200
  • Message-id: <3B530C8E.50A81C3F@xxxxxxxxxxxxxxxxxx>
Hi Carl!

Well, yes, I guess that would in deed be a very secure solution, but not
very easy to administrate.
Having a read-only root partition requires quite some work, although
there are probably some good HOWTOs out there, describing the nesseccary
Another problem is that your read-write area doesn't survive a reboot,
so stuff like logfiles (well, you can log to another machine) or squid
caches (if you have that) are lost.
In short: certainly doable, but IMHO not worth the hassel.

Florian Kirchmeir

Carl Albert Schreiber wrote:

> Hi Florian & all the others,
> additionally to what you said, wouldn't it be a good solution
> to have:
> one harddisk (or 2 raid..?) 'writeprotected' with alle the Linux-
> and the Firewall Stuff and
> another harddisk or just a old fashion Ram-Disk for all the
> folders, where the system and/or the programs and services are
> going to write and to strore in (probably bad english, sorry)
> With a cron this writeable disk has to be taken care of reguarly,
> which should be no problem.
> Would such a system be a problem or would it be may be saver than
> the normal way?
> I'm asking because from my viewpoint it is save and I think it
> should be the 'default structure', no?
> Carl

< Previous Next >
Follow Ups