On Sunday 05 March 2006 06:48, John wrote:
I looked into a couple of things and had an idea that the link above plays into with this. What if you simply set the attributes for all of the files you wanted to read-only, set them to immutable, and any further attributes on the build system, but fail to put chattr on the router you are building. This means the files can't be removed, changed, etc on the router and if you tell it to mount Read-only for / on boot, problem solved. That would be the ulta-paranoid approach I would do. That way even if they managed to get it mounted RW, what can they change since the attributes would prevent changes and chattr wouldn't exist on the router.
scp $(which chattr) root@rooted-router:/tmp
Just hack the kernel to disallow writing, toggleable with your ACPI power button. ;)