Lock out root writes on mounted directory?
Mike Schwartz
mike.l.schwartz at gmail.com
Fri Sep 8 10:58:03 MST 2006
On 9/8/06, Eric Shubes <plug at shubes.net> wrote:
>
> I've created a sandbox for building rpms. It was suggested to me that for
> some directories, such as /bin, /lib, /sbin, I could mount them with
> ro,bind
> options instead of coping or hard linking them. What I've discovered,
> though, is that the ro mount option does not prohibit root from modifying
> a
> mounted directory. Is there any way to mount a directory such that root
> cannot write to it?
> --
> -Eric 'shubes'
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
I could be way off base here,
but have you looked in to access control lists?
I think I read somewhere that FC4 or so,
has an implementation of them
that is comparable to the "ACL" functionality
in some other OS's.
--
Mike Schwartz
Glendale AZ
schwartz at acm.org
Mike.L.Schwartz at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.plug.phoenix.az.us/pipermail/plug-discuss/attachments/20060908/4a5484e3/attachment.htm
More information about the PLUG-discuss
mailing list