|
From: Eric H. <eha...@ma...> - 2001-08-11 03:34:39
|
On Fri, 10 Aug 2001, Jim McQuillan wrote: >Eric, > >Maybe I don't understand your comment about mounting ltsroot 'ro'. > >It is exported Read-only. > >Here's the line from the /etc/exports file, as it is setup >by the lts-core package: > > /tftpboot/lts/ltsroot 192.168.100.0/255.255.255.0(ro,no_root_squash) > Healthy paranoia. Redundant security mechanisms are a good thing, especially when the authentication/authorization is delegated to the client and the vast majority of your clients happen to be high school students. Redundant security mechanisms are especially nice if they are easy to implement, such as if ltsroot was put somewhere where it would be easy to mount the partition read only. This falls under "it would be nice" rather than "this is a must" ;-) -Eric |
