| 1 |
On 15 August 2017 20:17:20 GMT+02:00, Rich Freeman <rich0@g.o> wrote: |
| 2 |
>On Tue, Aug 15, 2017 at 11:04 AM, Mick <michaelkintzios@×××××.com> |
| 3 |
>wrote: |
| 4 |
>> |
| 5 |
>> I can't recall if I did this myself in a moment of security induced |
| 6 |
>> inspiration. I doubt I did. So how did this happen? What is |
| 7 |
>responsible for |
| 8 |
>> mounting this fs? |
| 9 |
>> |
| 10 |
> |
| 11 |
>It looks like this never did turn into a news item: |
| 12 |
>https://archives.gentoo.org/gentoo-dev/message/35304b0db4de9e06fea322275379fa81 |
| 13 |
> |
| 14 |
>You can remount it as rw if your tools don't do it automatically. It |
| 15 |
>might not hurt to file a bug if one doesn't already exist for the tool |
| 16 |
>that isn't remounting it. |
| 17 |
|
| 18 |
I think mounting it as RO makes sense. Similarly to mounting /boot as RO. |
| 19 |
|
| 20 |
Difference is, and this is why a newsitem would have been useful, /boot is in your fstab and you (should) know you set it to not automount and/or RO. |
| 21 |
|
| 22 |
The efi mount is done automagically and any flags are usually not set by the user/admin. |
| 23 |
|
| 24 |
At least I now know this to be the case when I end up updating the few machines I set up to boot directly using EFI without a bootloader. |
| 25 |
|
| 26 |
-- |
| 27 |
Joost |
| 28 |
-- |
| 29 |
Sent from my Android device with K-9 Mail. Please excuse my brevity. |
Archives