On Fri, Sep 26, 2008 at 11:34 AM, Chris Adams <cmadams(a)hiwaay.net> wrote:
Once upon a time, Bill Crawford <billcrawford1970(a)gmail.com>
said:
> Long term, I'll admit that getting rid of separate /usr may be a good idea,
> Solaris appears to have done away with it a while ago (which surprised me,
> since they used to make explicit provision for having shared /usr in their
> package management system).
I use a separate (but not shared) /usr on my servers, and I mount it
read-only.
I suggest using SELinux (if you're not already) instead; it provides
far stronger security than messing with the filesystem layout ever
can.