Quote (originally posted by foad):
....
The usual remedy if you want some file(-space) to be protected from root's tampering is to put it off the server: create an NFS share on some remote server, mount it where you want to be protected from root's access and adjust the rights accordingly. This is the common way of i.e. protecting logs from possible tampering.
Let me correct your words here.
This is not a "usual remedy", but it is one technical control in a wide range of possible technical controls based on the risk profile of the server.
I don't have a lot of time to write a long reply, so let me summarize:
Security is defined, generally, in three areas: (1) confidentiality, (2) integrity and (3) availability.
The original poster has not defined which of these are the most critical to their organization / application / server.
For example, the application on this server may be less interested in file integrity than high availability. If that is the case, then having a network mounted device may not provide the insured availability because networks can fail, wires can break, network devices can go down or even be unplugged, etc. In one datacenter where I worked, I watched a major device fail because a manager rolled his chair (sitting in the chair) over a LAN cable while talking to the team.
Anyway, it is important, when talking about IT security, to talk about the risk and define the risk profile; because what is correct for one application / server may not be the best for another; and the controls: (1) technical, (2) administration and (3) physical.
More later, if this thread gains any traction.