LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-17-2009, 07:00 AM   #16
Completely Clueless
Member
 
Registered: Mar 2008
Location: Marbella, Spain
Distribution: Many and various...
Posts: 814

Original Poster
Rep: Reputation: 69

To TexMex and Hurry Hui,

Thanks for your comments. I'm afraid the live CD option is out as this netbook has no CD drive. I suppose one could boot from a write-protected USB stick, but that's something I've not looked into.

As for installing new software and updates and patches etc., this is my No.4 computer and I'm quite happy to have it 'frozen in time' and only used solely for 'reckless browsing.' I'm not worried unduly about viruses and spyware when I get a fresh new system every day!

Granted, others may see things differently and see my solution as cumbersome, but to me it's absolutely fine. The only argument you've thus far put forward which might be of concern to me is the reduced lifetime of the SSD, but even that is open to question: http://www.storagesearch.com/ssdmyths-endurance.html

So far, the best solution appears to be that from Slimm609, which I'm still waiting for someone to find fault with. :-)
 
Old 04-17-2009, 12:30 PM   #17
Completely Clueless
Member
 
Registered: Mar 2008
Location: Marbella, Spain
Distribution: Many and various...
Posts: 814

Original Poster
Rep: Reputation: 69
Quote:
Originally Posted by Completely Clueless View Post
So far, the best solution appears to be that from Slimm609, which I'm still waiting for someone to find fault with. :-)
No takers? No matter; I myself have a problem with it. I've edited fstab to mount the drive read-only on boot-up and when I do a "mount" it is confirmed to be read-only. However, for some STRANGE reason as yet beyond me, I can *still* write to it - even as a regular user!! :-(
 
Old 04-17-2009, 01:29 PM   #18
hurry_hui
Member
 
Registered: Oct 2008
Location: Near Jakarta
Distribution: Slackware, Arch, Slax, Porteus, Tiny Core, Slitaz
Posts: 355
Blog Entries: 1

Rep: Reputation: 51
Just do frugal install of slax on SSD, let it run on RAM and do not set change= param in the kernel will make your SSD untouched.

Quote:
However, for some STRANGE reason as yet beyond me, I can *still* write to it - even as a regular user!! :-(
Maybe you need to change something in kernel parameters. Btw, fstab can be override by udev, CMIIW.
 
Old 04-17-2009, 02:03 PM   #19
Completely Clueless
Member
 
Registered: Mar 2008
Location: Marbella, Spain
Distribution: Many and various...
Posts: 814

Original Poster
Rep: Reputation: 69
Quote:
Originally Posted by hurry_hui View Post
Just do frugal install of slax on SSD, let it run on RAM and do not set change= param in the kernel will make your SSD untouched.
I'm afraid Slax won't recognise my wireless card nor my USB modem without a lot of addional hassle, so much as I love it, it's not suitable for this particular PC.


Quote:
Maybe you need to change something in kernel parameters. Btw, fstab can be override by udev, CMIIW.
I can't help thinking it may be a bug in PCLinuxOS 2009.1. If the "mount" command reports the drive as mounted read-only, yet any user can still write to it, it's kind of hard to see it as anything else. Maybe I should report it?
 
Old 04-17-2009, 02:11 PM   #20
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,331
Blog Entries: 55

Rep: Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529
I'm going to move this thread to Newbie as, again, you manage to derail your own thread with all sorts of topics. Please try to keep one topic per thread and not view threads as like some random IRC conversation. This will not only help you focus on stuff but will also help those that find the thread later on.
 
Old 04-17-2009, 03:12 PM   #21
farslayer
LQ Guru
 
Registered: Oct 2005
Location: Willoughby, Ohio
Distribution: linuxdebian
Posts: 7,232
Blog Entries: 5

Rep: Reputation: 190Reputation: 190
AUFS might be a more sensible solution.. Make the File systems readonly, and a writeable overlay. The underlying original filesystem never gets altered. so it's clean at a reboot.

http://aufs.sourceforge.net/

INteresting it seems the EEEPc already uses this approach, as I have run across directions on how to remove it..
http://wiki.eeeuser.com/howto:removeunionfs


Ubuntu how to create a aufs root filesystem
https://help.ubuntu.com/community/au...stemOnUsbFlash
 
Old 04-17-2009, 03:17 PM   #22
Completely Clueless
Member
 
Registered: Mar 2008
Location: Marbella, Spain
Distribution: Many and various...
Posts: 814

Original Poster
Rep: Reputation: 69
Quote:
Originally Posted by unSpawn View Post
I'm going to move this thread to Newbie as, again, you manage to derail your own thread with all sorts of topics. Please try to keep one topic per thread and not view threads as like some random IRC conversation. This will not only help you focus on stuff but will also help those that find the thread later on.
Might be a good idea to merge it with a parallel thread I'd earlier started there under the subject: "Should I be able to write to a read-only partition??"
 
Old 04-17-2009, 03:28 PM   #23
jamescow
LQ Newbie
 
Registered: Dec 2008
Posts: 12

Rep: Reputation: 0
Quote:
Originally Posted by Completely Clueless View Post
Hi guys,

I like to be sure my system is entirely clean of viruses and other malware and needless clutter, and have come to the conclusion that the best way (for my needs at any rate) to achieve this would be to re-instate the *complete* hard disk contents from scratch every day. This isn't such a big deal as the hard drive in question is only a SSD of 8Gb in size, comprising an MBR and two partitions; 7Gb ext2 for the system and 1Gb swap.

So I would like to image the *entire* pristine disk, save it as a file somewhere on the system, and have it automatically re-install from scratch every night at say 3AM (cron job) so every morning I boot-up to a known good system again. So that's the concept, but as usual its a little ahead of my abilities to implement it. This particular machine is a netbook with no built in CDrom drive, but several memory card slots. Could it be implemented using a script which say accesses an SD card for the clean backup image's location?
Thanks, CC.
I agree with the people saying this is going overboard. I'm still too new to linux to make solid technical arguments against your idea, but it seems very heavy handed and inelegant. Linux is powerful and has so many fine tools to meet your needs, why choose the sledge hammer method? Use the command line to lock down your box and have it run maintenance on itself (keep out "viruses" and clean clutter).
 
Old 04-18-2009, 04:09 PM   #24
English
LQ Newbie
 
Registered: Feb 2004
Posts: 8

Rep: Reputation: 0
Another option that I don't think has been mentioned, would be to use a VMWare machine, using VMWare's free player or server product.

If you set the machine to not save changes when it is powered off, next time you start it up you will get the same "fresh" machine.

Obviously you have the drawback of having to run a virtual machine, but it might be simpler than the other techniques described above.
 
Old 04-18-2009, 04:21 PM   #25
r3sistance
Senior Member
 
Registered: Mar 2004
Location: UK
Distribution: CentOS 5.4, Mac OS 10.4 (tiger)
Posts: 1,005

Rep: Reputation: 79
Well I would have just said a USB Stick with a disable write switch on it and a distribution capable of launching off of USB... that way the distribution is untouchable from the fact you are dealing with a read only media. Personally I think it's OTT to worry about linux desktops, the only real things to worry usually worry about are rootkits and if your distribution isn't acting as a server it's not very likely that a) your'll be targetted and b) their is anything running that rootkits are generally aimed at targetting (i.e. FTP Daemons or Unencrypted protocols (VNC/FTP/etc...) so I'd say it's worrying to the extreme for no real reason.

When your as paranoid as this thread for some reason is... then for VMs, you'd still need a Domain0 or a hypervisor thus you go back to step 0...
 
Old 04-18-2009, 04:28 PM   #26
English
LQ Newbie
 
Registered: Feb 2004
Posts: 8

Rep: Reputation: 0
Quote:
Originally Posted by r3sistance View Post
Well I would have just said a USB Stick with a disable write switch on it and a distribution capable of launching off of USB... that way the distribution is untouchable from the fact you are dealing with a read only media. Personally I think it's OTT to worry about linux desktops, the only real things to worry usually worry about are rootkits and if your distribution isn't acting as a server it's not very likely that a) your'll be targetted and b) their is anything running that rootkits are generally aimed at targetting (i.e. FTP Daemons or Unencrypted protocols (VNC/FTP/etc...) so I'd say it's worrying to the extreme for no real reason.

When your as paranoid as this thread for some reason is... then for VMs, you'd still need a Domain0 or a hypervisor thus you go back to step 0...
Yes, i agree mate. Either linux on a USB or CD is probably the easiest way.

Perhaps people switching from Windows are used to having to fend off malicious software. Thankfully linux is more secure and is not yet attacked with the same ferocity as Windows is.
 
Old 04-19-2009, 01:21 AM   #27
okos
Member
 
Registered: May 2007
Location: California
Distribution: Slackware/Ubuntu
Posts: 609

Rep: Reputation: 37
Regarding security, there does not seem to be a logical reason to reinstall every day. A system can certainly be hardened to the point it is virtually unusable. So I don't think security is the reason.

Perhaps you are a little paranoid of being discovered (caught) doing something illegal.
 
Old 04-19-2009, 04:02 AM   #28
Completely Clueless
Member
 
Registered: Mar 2008
Location: Marbella, Spain
Distribution: Many and various...
Posts: 814

Original Poster
Rep: Reputation: 69
Angry

Quote:
Originally Posted by okos View Post
Perhaps you are a little paranoid of being discovered (caught) doing something illegal.
Nope. Sure I'm paranoid, but if YOU had discovered the full details of 16 of your credit cards with a combined available limit of WELL over $150k, together with dates of birth, billing addresses and other ID details lying about unencrypted on your HDD in a file that WINDOWS XP PRO (name it and shame it why not) claimed didn't even EXIST and you had to buy third-party forensic software to locate it and wipe it, YOU would be more cautious in future, would you not? You might even switch to another OS, in fact? And never trust ANYTHING 100% again?

BTW, "Slackwars 12.2" - is that the gaming version? ;->

Last edited by Completely Clueless; 04-19-2009 at 04:04 AM.
 
Old 04-19-2009, 06:26 AM   #29
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.1
Posts: 7,453
Blog Entries: 55

Rep: Reputation: Disabled
Quote:
Originally Posted by Completely Clueless View Post
BTW, "Slackwars 12.2" - is that the gaming version? ;->
Could be a reference to the twirly-whirly, upside-downy, back-to-fronty new Slackware logo that had a brief existence a while ago.
 
Old 04-19-2009, 07:30 AM   #30
mrrangerman
Member
 
Registered: Oct 2007
Location: MI
Distribution: Debian Slackware
Posts: 528

Rep: Reputation: 50
I have to agree with everyone that has talked about security, in your OP security is the main idea. I think your time would be better spent focusing on security how to set up and manage iptables. The way I see it (and this is just me) your way of thinking sets bad habits, your idea is have a system that you can go any place on the net and not worry if your system gets viruses mailware or cracked because your just going to make everything new. Well how long before your not on that system and you forget and thus maybe break a system you can't afford to lose data on?

Just my .02
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Cannot boot after fresh installation jpostma Slackware - Installation 11 07-17-2007 07:11 PM
KDE 3.5 - Fresh Installation Toods Slackware 1 12-09-2005 06:45 AM
Fresh Debian Installation quite slow Canaris Debian 10 08-22-2005 03:03 AM
new pc fresh installation prob spooky008 Linux - Newbie 12 01-28-2005 07:09 PM
fresh mandrake 10.1 installation need help cracksternation Linux - Laptop and Netbook 4 12-14-2004 04:23 PM


All times are GMT -5. The time now is 09:58 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration