True a rom based os is a nice thing, but can you ever
change configuration files? upgrade the kernel? or what about
security patches?
All these will require new card or rom upgrade from the vender
unless they give you some way to do it, possibly a flash rom
in which case someone could hack the box and possibly remotely
burn a backdoor.
IMHO a better way to do things is have the webserver nfs mount
the files from another box, which exports them read only. Then
have the nfs server locked down, even they penitrate your web server
the files are intact, which means one less thing you have to do
for damage control.
Sameer
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Sameer Manek manek @
challenger .
atc .
fhda .
edu
"A mind once streched by a new idea
never regains its original dimentions"
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
On Thu, 9 Jan 1997, Alexey Zilber wrote:
> I recieved the previous months copy of The Linux Journal (yes, yes, I know..
> :-) ). And it talks about a rom based stripped down version of Linux that's
> been created, for systems that cannot use components that could be damaged
> from stress (like hardrives). This thing is stored, compressed in rom, then
> gets booted and uncompressed into ram.
> This thing might be good for a hard-coded webserver. While it could
> get hacked, a reboot and a password change should be all that's needed to
> repair it.
> Alex
>
>
References:
|
|
