[ale] Help with server setup

Ed Cashin ecashin at noserose.net
Tue Sep 15 16:30:29 EDT 2009


On Tue, Sep 15, 2009 at 4:22 PM, Jim Kinney <jim.kinney at gmail.com> wrote:
> you remove the chattr command from /sbin once you are done marking
> your system all read-only just before the reboot.

Hmm.  I might be missing the point.  It seems like root could just
mount a tmpfs and build a new chattr in there---Removing chattr
seems more like an inconvenience to a would-be attacker than a
real preventative measure.

-- 
  Ed Cashin <ecashin at noserose.net>
  http://noserose.net/e/


More information about the Ale mailing list