On Friday 26 September 2008 12:00:18 Colin Walters wrote:
> I use a separate (but not shared) /usr on my servers, and I
mount it
> read-only.
I suggest using SELinux (if you're not already) instead; it provides
far stronger security than messing with the filesystem layout ever
can.
Security should be in layers. But aside from security, this is typically used
to prevent accidental overwrites of important files.
-Steve