Subject: Re: r/o filesystem restrictions for firewall?
To: Jon Lindgren <jlindgren@slk.com>
From: David Brownlee <abs@netbsd.org>
List: port-sparc
Date: 10/24/2000 19:10:29

On Tue, 24 Oct 2000, Jon Lindgren wrote:

> On Mon, 23 Oct 2000, Greywolf wrote:
>
> [snip]
>
> > Idea:
> >
> > Mount it as your root disk.
> > Tar up /dev.
> > mount /dev as a mfs.
> > extract from the tarred-up /dev.
> >
> > Somehow.
>
> I thought about that for a while... an MFS which I could tune to exactly
> the size needed to store the mutable sections of the fs... but again, that
> allows local write access, which is something I'm trying to avoid due to
> my overactive paranoia.

	Modify the kernel to only allow writing to specific device nodes,
	and also reject any rename(), unlink(), etc. operations.
                David/absolute
			       -- www.netbsd.org: A pmap for every occasion --