Mike McCarty wrote:
John Wendel wrote:
While reading this thread it occurred to me that if disk drives had a
read-only switch, then systems would be uncrackable. Automated updates
would be impossible, but I could live with a complicated update
process if it would guarantee that my programs couldn't be compromised.
Can someone tell me why this isn't a good idea? There must be a fatal
flaw that I don't see, or else someone would be selling drives like this.
There are several possible interactions. These occur to me immediately.
First, if this were done on a disc which contained the syslogs,
then no syslogs could be made.
You can syslog over the network to a remote machine which accepts only
syslog packets. Onbce upon a time decades ago the solution was to log to
a hardcopy terminal.
Second, if this were done where mount info and so forth get stored,
then the system couldn't boot.
To some extent true, but look at the union filesystem stuff, I think you
could handle this and also see exactly which files were changed.
Third, if this were done to a "data file only" disc, then access time
information could not be stored.
That's not necessarily a bad thing. Mounting noatime or relatime is a
performance trick.
--
Bill Davidsen <davidsen@xxxxxxx>
"We have more to fear from the bungling of the incompetent than from
the machinations of the wicked." - from Slashdot