Once upon a time, Colin Walters <walters(a)verbum.org> said:
On Fri, Sep 26, 2008 at 11:34 AM, Chris Adams
<cmadams(a)hiwaay.net> wrote:
> I use a separate (but not shared) /usr on my servers, and I mount it
> read-only.
I suggest using SELinux (if you're not already) instead; it provides
far stronger security than messing with the filesystem layout ever
can.
Since you snipped my reasons, can you explain how SELinux protects
against accidental filesystem corruption?
--
Chris Adams <cmadams(a)hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.