RE: How efficient is mounting /usr ro?

To: <debian-security@lists.debian.org>
Subject: RE: How efficient is mounting /usr ro?
From: "Michael Sharman" <michael.sharman@dytech.com.au>
Date: Mon, 20 Oct 2003 10:01:14 +1100
Message-id: <[🔎] 24E36F57378E2A49B8D5EE98904F2E2E031946@osiris.olympus.dytech.com.au>


> -----Original Message-----
> From: Yasar Arman [mailto:yasar.arman@waibschd.de]
> Sent: Friday, 17 October 2003 8:01 PM
> To: Bernd Eckenfels
> Cc: debian-security@lists.debian.org
> Subject: Re: How efficient is mounting /usr ro?
> 
> 
> Bernd Eckenfels wrote:
>  > In article <[🔎] 20031014175455.GH20556@dijkstra.csh.rit.edu> you wrote:
>  >
>  >>A read-only /usr is not a security measure.
>  >
>  >
>  > Depends on your definition og it-security. It reduces 
> downtime, prevents
>  > some admin and software failures and therefore is a 
> security measure.
>  >
> 
> I think,
> 
> you mean safety, not security.
> 
> Safety (eng.)  = Sicherheit (german)
> Security (eng) = Sicherheit (german)
> 
> :-)
> 
> regards,
> yasar
> 
> 
Surely security in a broad sense is about increasing safety, so in this sense, backing up data or making it more difficult to accidently lose data is a security measure.

There's no point being "secure" against one threat (e.g. crackers, script kiddies, viruses) if you don't also protect against the others. Well known security principles such as "least privilege" are equally about stopping accidental damage as they are about stopping malicious damage.
 
Cheers,

Michael

Reply to:

Follow-Ups:
- Re: How efficient is mounting /usr ro?
  - From: Dale Amon <amon@vnl.com>

Prev by Date: Re: How efficient is mounting /usr ro?
Next by Date: Re: How efficient is mounting /usr ro?
Previous by thread: Re: How efficient is mounting /usr ro?
Next by thread: Re: How efficient is mounting /usr ro?
Index(es):
- Date
- Thread