I work for a company that makes portable devices running Linux and I was recently asked to make the underlying file system read-only for "security" purposes.
Since the distribution is based on LinuxFromScratch, I know that very little writing happens at run time. So, even if the device runs on a usb flash device, I doubt that putting the root file system RO will be that beneficial.
I am actually more concerned about a process actually breaking because it cannot open a file in RW mode than a process going rogue and filling the root file system with log files, etc.
I'd really like to ear what kind of advantages disadvantages there really is with read-only file-systems.
Thanks!
No comments:
Post a Comment