On 9/8/06, <b class="gmail_sendername">Eric Shubes</b> &lt;<a href="mailto:plug@shubes.net">plug@shubes.net</a>&gt; wrote:<div><span class="gmail_quote"></span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
I've created a sandbox for building rpms. It was suggested to me that for<br>some directories, such as /bin, /lib, /sbin, I could mount them with ro,bind<br>options instead of coping or hard linking them. What I've discovered,
<br>though, is that the ro mount option does not prohibit root from modifying a<br>mounted directory. Is there any way to mount a directory such that root<br>cannot write to it?<br>--<br>-Eric 'shubes'<br>---------------------------------------------------
<br>PLUG-discuss mailing list - <a href="mailto:PLUG-discuss@lists.plug.phoenix.az.us">PLUG-discuss@lists.plug.phoenix.az.us</a><br>To subscribe, unsubscribe, or to change&nbsp;&nbsp;you mail settings:<br><a href="http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss">
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss</a><br></blockquote></div><br>I could be way off base here,<br>but have you looked in to access control lists?<br>I think I read somewhere that FC4 or so,<br>has an implementation of them
<br>that is comparable to the &quot;ACL&quot; functionality<br>in some other OS's.<br>-- <br>Mike Schwartz&nbsp;&nbsp;&nbsp;&nbsp;<br>Glendale&nbsp;&nbsp;AZ <br><a href="mailto:schwartz@acm.org">schwartz@acm.org</a><br><a href="mailto:Mike.L.Schwartz@gmail.com">
Mike.L.Schwartz@gmail.com</a>