is it possible to mount /proc as read-only on embedded system
Lev Olshvang
levonshe at yandex.com
Sat Jan 5 23:22:52 IST 2019
Hello all,
I am trying to harden the embedded system.
Is it possible and safe to mount /proc file system in a read-only mode and how to do this?
I have an embedded system with systemd where /proc is mounted rw.
I suspect that systemd mounts it when it begins to bootstrap user space.
On my very simple QEMU busybox system with no systemd I was able to remount /proc read-only.
But when I changed fstab to mount it as read-only, it is still mounted
rw,relatime after reboot.
So at what boot stage and how can I mount /proc read-only?
Perhaps it is hardcoded in busybox init or in systemd?
Regards,
Lev
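
A check for the mismatch described in the message above (fstab requesting read-only while /proc still shows rw,relatime after reboot), as an added example that is not part of the original post. The function names and the sample fstab and mount-table contents are constructed for illustration.

```shell
# Print "ro" or "rw" for MOUNTPOINT ($2) in an fstab- or /proc/mounts-format
# file ($1). Both formats keep the mount point in field 2 and the options in
# field 4. If several entries share the mount point, the last one wins,
# because a later mount shadows an earlier one. Exit status 1 if no entry.
mount_mode() {
    awk -v mp="$2" '
        /^[ \t]*#/ || NF < 4 { next }        # skip comments and short lines
        $2 == mp {
            mode = "rw"                      # no explicit "ro" means read-write
            n = split($4, opt, ",")
            for (i = 1; i <= n; i++) if (opt[i] == "ro") mode = "ro"
            found = mode
        }
        END { if (found == "") exit 1; print found }
    ' "$1"
}

# Compare the mode requested in fstab ($1) with the live mount table ($2).
# Prints one status line. Returns 0 = match, 1 = drift, 2 = entry missing.
proc_mode_drift() {
    want=$(mount_mode "$1" /proc) || { echo "no /proc entry in $1"; return 2; }
    have=$(mount_mode "$2" /proc) || { echo "no /proc entry in $2"; return 2; }
    if [ "$want" = "$have" ]; then
        echo "ok: /proc is $have as requested"
    else
        echo "drift: fstab requests $want, live mount is $have"
        return 1
    fi
}

# Constructed sample data reproducing the situation in the post.
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/fstab" <<'EOF'
# <device> <mount point> <type> <options> <dump> <pass>
/dev/root  /      ext4  ro,noatime              0 1
proc       /proc  proc  ro,nosuid,nodev,noexec  0 0
EOF
cat > "$SAMPLE_DIR/mounts" <<'EOF'
/dev/root / ext4 ro,noatime 0 0
proc /proc proc rw,relatime 0 0
sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
EOF

proc_mode_drift "$SAMPLE_DIR/fstab" "$SAMPLE_DIR/mounts" || :
```

On a running system the same comparison is `proc_mode_drift /etc/fstab /proc/mounts`, which can be run late in boot to flag a /proc that came up writable despite the fstab entry.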