Jon Lindgren wrote:

> [ read-only firewall desired ]
> 
> As much as I don't like local spinning disks, maybe it's okay to do
> here.  Thanks for the pointers and ideas.

Does your model sparc have a floppy and can you boot from it (I'm not
really a sparc-aware person)?  One idea that comes to mind is to run
out of an mfs (like the sysinst kernels) with most or all files on the
filesystem marked as immutable.  Load from a write-protected floppy,
that way you don't have a spinning disk.  No need to waste a CD if you
want to change anything.  If a floppy isn't big enough you could do the
same with a small write-protected SCSI disk.

Simon.
--
Simon Burge                            <simonb@wasabisystems.com>
NetBSD Sales, Support and Service:  http://www.wasabisystems.com/