On Sun, 1 Sep 1996 12:22:40 -0500 (CDT), Igor Chudov @ home wrote:
Write your web site to a CD-ROM and hard-code the base directory into the webserver.
A hacker who has root can forcibly unmount the cdrom and mount another directory on that node. Not a good solution.
Real hard disks such as RL02's & RK07's have WRITE DISABLE switches....
You can't mount the whole Unix read-only, so there will always be a place to put the hacked web page, and then mount that place over DocumentRoot. If you had enough RAM in the machine, you could disable swapping, send all log files to /dev/nul (or /dev/lp0), run *only* a web server or anything else that can avoid writing to disk (probably no CGI, etc). It wouldn't be too interesting, but then you probably don't want much happening on your web server anyway. You could even wire that write-disable switch or jumper into a keyswitch on the main console.
- "'Anonymity is bad,' says a source who wishes to remain anonymous." - Nuff' said. * Home: Chris Adams <adamsc@io-online.com> | http://www.io-online.com/adamsc/adamsc.htp * Autoresponder: send email w/subject of "send resume" or "send PGPKEY" * Work: cadams@acucobol.com | V.M. (619)515-4894 | (619)689-6579 * Member in good standing of the GNU whirled hors d'oeuvre