The Immutable Filesystem — Vastly Reducing Attack Surface

I am working on a novel approach to security by generalizing read-only filesystems in Linux, to prevent malware from modifying files or establishing a foothold in systems.  As far as I know this is a first in InfoSec.  When the whole operating system is set to read-only no changes can be made where it matters, even if the malefactor manages to get root.  This will greatly reduce the attack surface of any system without interfering with its ability to function.

bigdataIn almost all OS installs, system-critical directories and files are set to read-write, at least by root.  Why?  There’s no need.  I say this is unnecessary and leaves open many avenues of attack which are exploited time after time.  An immutable filesystem will eliminate almost all attacks by most of the hacker community, and even makes things difficult for nation-state malefactors.  Oh sure, it’s still possible to inject malware into memory, but that exists anyway and is a different problem.  An old axiom is ‘Good Security is Layering‘.  The Perfect, should not be made the enemy of the Good — and those who make it so end up with nothing.

(more…)