Author: Didier Kryn Date: To: dng Subject: Re: [DNG] /usr to merge or not to merge... that is the question
Le 22/11/2018 à 21:55, Alessandro Selli a écrit : > On 22/11/18 at 16:25, Didier Kryn wrote:
>> Le 22/11/2018 à 13:25, Alessandro Selli a écrit :
>>> chown -R a-w /bin
>>> chown -R a-w /sbin
>>> chown -R a-w /lib
>> Sorry, I meant chmod.
>>
>> Mounting read-only isn't more secure than marking a directory
>> read-only. root can change it anytime in a single command.
>
> Do you think root cannot change anytime file's permissions on the
> filesystem?
>
> Of course it adds security to the system, because if the filesystem
> was mounted ro root HAS to remount it rw in order to be able to do
> changes on the filesystem. Should you only change file's permissions
> you have NOT protected anything, because I inform you, on any Unix,
> since the dawn of Unix time, ROOT CAN DO WHAT IT WANTS REGARDLESS OF
> FILE PERMISSIONS!
>
> Didn't you know this? Whom am I debating with, a Windows sysadmin, a
> full time Valve gamer, a systemd developer?
>
> You are again blockheadedly ignoring the fact that read-only is *NOT*
> the only setting that make sense changing on the /usr filesystem! There
> are several, and I already *twice* listed a few of them: nobarrier,
> noatime, iversion, nodev, etc etc.
>
>
> Do you know so little of filesystem management or are you trolling? Plonk.