On Wed, 24 Feb 2021, Theodore Ts'o wrote:
> On Wed, Feb 24, 2021 at 10:50:03AM -0700, Grant Taylor via TUHS wrote:
> > Being a fan of the golden rule, I would not make, much less use, that
> > derivation. I think it completely changes the meaning of the spirit behind
> > the golden rule.
>
> Oh, sure. I agree completely that it's 180 degrees from the original
> golden rule; it was intended to be a joke. Unfortunately, years of
> living in a country where the ones with the Gold really do make all of
> the Rules has gotten me to the point where if I don't laugh at it, I
> would have to cry....
I first heard this form used in the movie "Aladdin" (the 1992 Disney one,
with Robin Williams).
> > I seem to recall hearing about a problem where a rogue rm could accidentally
> > wipe out part of the UEFI. Maybe it was the contents of the /boot/efi
> > partition. So, I'd suggest a happy medium of mounting it Read-Only. That
> > way it's known to be used /and/ it's protected from a simple rogue rm. It
> > can relatively easily be re-mounted as Read-Write when necessary. As well
> > as subsequently re-mounted back to Read-Only.
<snip>
> As far as making a system more robust against rogue rm's, I really
> like the scheme used by ChromeOS, where the entire file system is not only
> read-only, but protected by a cryptographic Merkle Tree such that if
> malware attempts to modify it, the system will crash. This is
> combined with firmware which will only load a kernel with a valid
> digital signature, and the user data is stored on an encrypted file
> system mounted on /mnt/stateful_partition and it is the only file
> system mounted read/write on a ChromeOS system. It violates a lot of
> expectations about where files should live on a "normal" Unix or Linux
> system, but it's definitely way more safe and secure.
It may not be as much of a protection, but I replaced the system rm on my
Debian with one based on 4.4BSD (since I already had the code lying
around) to which I added a bit of protection against attempts to "rm -rf
/" after a worm got in and ran an obfuscated version of that...thankfully
it didn't run as the superuser.
I do get occasional "invalid switch" errors from it while using apt, so it
probably uses a GNUism (since afaict, the code I used was strictly
conformant to POSIX). Otherwise, it hasn't caused any issues.
-uso.
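Ts'o's description of the ChromeOS root filesystem above (read-only blocks covered by a hash tree, with the kernel refusing to hand out any block that does not verify against a trusted root hash) can be modelled in a few dozen lines. What follows is an added example, not ChromeOS or dm-verity code and not part of the thread: it builds a salted SHA-256 hash tree over fixed-size blocks of a constructed sample image, verifies each block against the root through its sibling path, and shows a single flipped byte failing the check while untouched blocks still pass. The 16-byte block size, the salt value, the sample image contents and the function names are all assumptions chosen to keep the example small; real dm-verity uses 4 KiB blocks and a different on-disk tree layout.

```python
"""Simplified model of dm-verity-style block integrity checking.

Added example, not ChromeOS or dm-verity code. It models what the
thread describes: a read-only root whose blocks are covered by a hash
tree, with every read checked against a trusted root hash before the
data is handed out. The real on-disk format (superblock, hash block
layout, 4 KiB blocks) is not reproduced.
"""
import hashlib

BLOCK_SIZE = 16          # assumption: tiny blocks so the sample splits into several
SALT = b"example-salt"   # assumption: dm-verity salts leaf hashes; the value is arbitrary

# Constructed sample "root image": 70 bytes -> 5 blocks, which exercises the odd-count path.
SAMPLE_IMAGE = (b"#!/bin/sh\n"
                b"# constructed root image\n"
                b"echo booting\n"
                b"exec /sbin/init\n"
                b"# end\n")


def split_blocks(data: bytes, block_size: int = BLOCK_SIZE) -> list:
    """Split data into fixed-size blocks, zero-padding the final one."""
    blocks = [data[i:i + block_size] for i in range(0, len(data), block_size)]
    if blocks and len(blocks[-1]) < block_size:
        blocks[-1] = blocks[-1].ljust(block_size, b"\0")
    return blocks


def leaf_hash(block: bytes, salt: bytes) -> bytes:
    return hashlib.sha256(salt + block).digest()


def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(left + right).digest()


def _pad_even(level: list) -> list:
    """Duplicate the last node when a level has an odd number of entries."""
    return level + [level[-1]] if len(level) % 2 else level


def build_tree(blocks: list, salt: bytes) -> list:
    """Return the tree as a list of levels: levels[0] are leaf hashes, levels[-1] is [root]."""
    level = [leaf_hash(b, salt) for b in blocks]
    levels = [level]
    while len(level) > 1:
        padded = _pad_even(level)
        level = [node_hash(padded[i], padded[i + 1]) for i in range(0, len(padded), 2)]
        levels.append(level)
    return levels


def root_hash(levels: list) -> bytes:
    return levels[-1][0]


def auth_path(levels: list, index: int) -> list:
    """Sibling hashes from leaf `index` up to the root, tagged with which side they sit on."""
    path = []
    for level in levels[:-1]:
        padded = _pad_even(level)
        sibling = index ^ 1
        path.append((padded[sibling], sibling < index))   # (hash, sibling_is_left)
        index //= 2
    return path


def verify_block(block: bytes, salt: bytes, path: list, root: bytes) -> bool:
    """Recompute the root from one block and its sibling path; True only on an exact match."""
    h = leaf_hash(block, salt)
    for sibling, sibling_is_left in path:
        h = node_hash(sibling, h) if sibling_is_left else node_hash(h, sibling)
    return h == root


def verified_read(image: bytes, index: int, levels: list, root: bytes, salt: bytes = SALT) -> bytes:
    """Return block `index` of `image` only if it verifies against the trusted tree.

    The IOError stands in for the kernel refusing the read; ChromeOS panics or
    reboots into recovery at this point rather than serving modified data.
    """
    block = split_blocks(image)[index]
    if not verify_block(block, salt, auth_path(levels, index), root):
        raise IOError(f"block {index} failed integrity check")
    return block


def integrity_report(image: bytes, levels: list, root: bytes, salt: bytes = SALT) -> list:
    """Per-block verification results for `image` against a trusted tree."""
    blocks = split_blocks(image)
    return [verify_block(b, salt, auth_path(levels, i), root) for i, b in enumerate(blocks)]


def demo() -> tuple:
    """Build the trusted tree from the clean image, then flip one byte as malware would."""
    levels = build_tree(split_blocks(SAMPLE_IMAGE), SALT)
    root = root_hash(levels)          # in ChromeOS this value is covered by the signed kernel
    tampered = bytearray(SAMPLE_IMAGE)
    tampered[40] ^= 0x01              # byte 40 lands in block 2
    clean = integrity_report(SAMPLE_IMAGE, levels, root)
    dirty = integrity_report(bytes(tampered), levels, root)
    return all(clean), all(dirty), dirty.index(False)


if __name__ == "__main__":
    print(demo())
```

The point the example makes concrete is that the attacker's write succeeds (the bytes on disk change) but the read is what fails: only block 2 stops verifying, and it stops verifying because its leaf hash no longer chains up to the fixed root. In ChromeOS that root hash is passed on the kernel command line, which is inside the kernel partition the firmware signature-checks, so rewriting the root partition cannot be paired with a matching root without also defeating the signed boot chain Ts'o mentions.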