Preventing corruption: read-only root filesystem vs. read-only permissions


I'm developing an embedded Buildroot OS for the Raspberry Pi. This system will be turned off by simply removing power (there will be no shutdown timer), therefore it must be able to handle poweroff without corruption of the SD card.



Currently the system is using a read-only squashfs for its root filesystem, and this works well. However, it lacks flexibility because, obviously, the partition cannot be written to. The only way to install new software, for example, is to rebuild the entire OS in Buildroot.



I'm wondering if a better solution would be to utilise user permissions to prevent all writing to the SD card except in certain controlled circumstances. I'm thinking that I will simply do a chmod -R u-w / on the entire filesystem, preventing the user from writing anything anywhere. Then, in order to write something, the user must authenticate with sudo.



Is this a robust approach to take?



One problem I can foresee is that processes run by the OS at boot will be run as root, and would therefore have write permissions. I would need to find a way to disallow the operating system from writing anything to the root FS unless it is explicitly commanded to by the user. Has anyone done this before? Is it possible to start system processes as a user other than root? And are there other concerns with using a writeable partition that I haven't thought of?










  • Then why do you write boot processes that write to the filesystem if you don't want it to write?

    – 炸鱼薯条德里克
    25 mins ago











  • I don't understand your comment, sorry

    – Jeremiah Rose
    16 mins ago


















permissions raspberry-pi embedded corruption buildroot






asked 29 mins ago









Jeremiah Rose
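
The distinction the question turns on, as an added example that is not part of the original post: whether the kernel may write to the SD card is decided by the mount flags, not by permission bits, and root is not stopped by permission bits. The script below lists SD-card-backed mounts that are mounted read-write; both mount tables are constructed samples, and the /dev/mmcblk device prefix and the function name are assumptions.

```shell
#!/bin/sh
# List mount points that are backed by the SD card and mounted read-write.
# Permission bits (chmod -R u-w /) never show up in this table: they limit
# non-root processes only, while the "rw"/"ro" mount flag applies to every
# process, including root.

# Constructed sample: read-only squashfs root (the current design).
SAMPLE_SQUASHFS='/dev/mmcblk0p2 / squashfs ro,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
/dev/mmcblk0p1 /boot vfat ro,relatime 0 0'

# Constructed sample: writable ext4 root (the proposed chmod-based design).
SAMPLE_EXT4='/dev/mmcblk0p2 / ext4 rw,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
/dev/mmcblk0p1 /boot vfat ro,relatime 0 0'

# rw_sd_mounts [DEVICE_PREFIX]   (hypothetical helper name)
# Reads lines in /proc/mounts format on stdin and prints the mount point of
# every entry whose device starts with DEVICE_PREFIX (default /dev/mmcblk)
# and whose option list contains "rw".
rw_sd_mounts() {
    prefix=${1:-/dev/mmcblk}
    while read -r dev mnt fstype opts rest; do
        # Skip anything not backed by the SD card (tmpfs, proc, ...).
        case $dev in
            "$prefix"*) ;;
            *) continue ;;
        esac
        # Match "rw" as a whole option, not as a substring of another one.
        case ",$opts," in
            *,rw,*) printf '%s\n' "$mnt" ;;
        esac
    done
}

# On the target: rw_sd_mounts < /proc/mounts
```

An empty result means no process, root included, can write to the card through a mounted filesystem. If the kernel reports the root device as /dev/root, run it again with that prefix.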
