Re: [patch 1/2] [RFC] Simple tamper-proof device filesystem.

From: Al Viro
Date: Sun Dec 16 2007 - 14:48:56 EST

Next message: Rafael Sisto: "shared memory"
Previous message: Gabriel C: "Re: How to Switch DMA off for only one Harddisk at Kernelboot"
In reply to: Indan Zupancic: "Re: [patch 1/2] [RFC] Simple tamper-proof device filesystem."
Next in thread: Tetsuo Handa: "Re: [patch 1/2] [RFC] Simple tamper-proof device filesystem."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Dec 16, 2007 at 05:52:08PM +0100, Indan Zupancic wrote:

> What prevents them from mounting tmpfs on top of /dev, bypassing your fs?

Or binding /dev/null over nodes they want to get rid of...

> Also, if they have root there are plenty of ways to prevent an administrator
> from logging in, e.g. using iptables or changing the password.

Indeed.

BTW, tmpfs with root marked append-only and populated in normal ways on boot
would get a comparable effect without spending so much efforts. Still won't
really help if attacker gains root, but then neither will your variant.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Rafael Sisto: "shared memory"
Previous message: Gabriel C: "Re: How to Switch DMA off for only one Harddisk at Kernelboot"
In reply to: Indan Zupancic: "Re: [patch 1/2] [RFC] Simple tamper-proof device filesystem."
Next in thread: Tetsuo Handa: "Re: [patch 1/2] [RFC] Simple tamper-proof device filesystem."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]