[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewalls-gc
Subject:    read only disks
From:       Rachel Rosencrantz <rachel () cohiba ! predictive ! com>
Date:       1997-01-02 13:14:28
[Download RAW message or body]

Firewalls-Digest said:
> From: "Jason T. Luttgens" <luttgenj@kic.or.jp>
> Subject: RE: Air Force Web Site Hacked
> 
> I do think read-only media is an interesting idea, by the way :)  Dale is 
> right though, there are still vulnerabilities.  Personally, I like the idea 
> of marking the files immutable myself.  This way, even root can't change the
> content unless the machine is brought down into single-user mode.  Not sure
> how many other operating systems support this other than (the great) BSDI
> though.
> 

I think that pretty much all OS's should have the Read only option
on mounting file systems.  CD roms usually like you to mount them read
only.   However, if one can break into root the disk could be 
unmounted and mounted without shutting down. 

If the system was also taking in data ( such as forms input, and 
of course the access logs) one could put that data on a read write
file system.  This does not remove the underlying problem that these
break ins point to, but it might make it slightly harder to make
it publically visable that someone was caught with their proverbial
pants down. 

Now the ideal thing from the read only perspective (if you
thought this was a way to go) would be if there
was some device that was only writable in a special machine (like
a cd-rom) but could be rewritten (like a disk) by that machine.
Then you could have the read only information mounted
from the device that can only read it, and when the web master
wanted to modify it they could unmount it, pop it in the modification
machine, and make the changes, and re-mount it (actually you'd probably
want 2 copies of the "disk".  One would be in the mod machine (not on
the net) and could make it easy to sit down and make the changes, and
once they are finished the disks could be swapped (the second one updated)
and there would be a minimum of web page down time. 

My understanding of CD's is that they wouldn't work this way since the data
is more "etched" in the the disk somewhat like a record.  

-Rachel

[prev in list] [next in list] [prev in thread] [next in thread]