I am a Developer Advocate for Security in Mobile Apps and APIs at approov.io.
Another passion is the Elixir programming language that was designed to be concurrent, distributed and fault tolerant.
Location
Scotland
Education
Self teached Developer
Work
Developer Advocate for Mobile and API Security at approov.io
This is because most of the file system is read-only, because the gateway should not be able to get to a state where it canβt just reboot and everything is fine again.
Sounds like that the use of an almost read-only file system will also improve its security.
IMHO the greatest advantage of the write-only read-only filesystem on an embedded device is that a restart of the device is more likely to fix a bad state and make the device boot successfully.
Yes, on my specific device, the /data dir was already mounted as read-write.
I am a Developer Advocate for Security in Mobile Apps and APIs at approov.io.
Another passion is the Elixir programming language that was designed to be concurrent, distributed and fault tolerant.
Location
Scotland
Education
Self teached Developer
Work
Developer Advocate for Mobile and API Security at approov.io
Sounds like that the use of an almost read-only file system will also improve its security.
So only the
/datadir is writable?IMHO the greatest advantage of the
write-onlyread-only filesystem on an embedded device is that a restart of the device is more likely to fix a bad state and make the device boot successfully.Yes, on my specific device, the
/datadir was already mounted as read-write.I think you meant
read-onlyinsteadwrite-onlyin your reply?I did π