[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] SuSE webserver
Quoting John Andersen <jsa@xxxxxxxxxxxxxx>:
>
> On Tuesday 13 July 2004 08:23 pm, suse@xxxxxx wrote:
> > PS: Mounting /usr read-only would be fine if you only managed one or two
> > servers. When you manage two dozen, it quickly becomes too much of a pain
> > in the ass when you have security patches for those read-only files.
> Mount
> > /usr remotely on all of them from a single source and patching that is a
> > great theory until you realize that a single problem can wipe out your
> > whole machine room...
>
> Not if you mount your remote /use directly on top of an existing /usr.
> If you lose your remote, the worst that happens is you fall back to
> a slightly older local copy.
>
Unless there has been some significant changes to NFS since last I looked at
this, the machine in question will lock up on I/O when it can no longer access
the server...
--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here