Grub2 boot from an ISO image versus fsprotect, which is more secure?
by Ulysses_ from LinuxQuestions.org on (#4Y82E)
Either of the following two options reverts back to a clean initial state on every reboot. Which is the more secure against tampering by remote-controlled malware trying to permanently modify the filing system?
grub2 boot from an ISO image
fsprotect
Quote:
fsprotect uses AUFS to combine two filesystems in one. AUFS does exactly that: It merges two existing filesystems in one and distributes changes among them. For each protected filesystem, fsprotect combines the existing filesystem with a tmpfs, forcing all changes to be written to the tmpfs. This means that nothing is ever written to the disks and all changes are stored in the tmpfs. tmpfs is a memory based filesystem, similar to ramdisk but using VM instead of real memory, allowing its contents to be swapped out.

fsprotect uses an initramfs script that runs very early in the boot process, after the root filesystem is mounted but before it is moved to /. It then exchanges the existing filesystem with an aufs and lets the boot procedure continue.
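
The following is an added example, not part of the original post and not fsprotect's own code: a check of the "nothing is ever written to the disks" property described in the quote, which audits text in `/proc/mounts` format for a union root and for disk-backed filesystems still mounted read-write. The sample mount table, its paths (`/mnt/lower`, `/mnt/upper`) and the function names are constructed for illustration, and it assumes the protected disk branch shows up as a read-only `/dev/...` mount.

```python
# Added example: audit a mount table (text in /proc/mounts format) for
# filesystems that can still persist writes to disk.
import sys

UNION_TYPES = {"aufs", "overlay"}   # union filesystems; the quote names aufs
RAM_TYPES = {"tmpfs", "ramfs"}      # memory-backed, contents lost on reboot

# Constructed sample, not captured from a real fsprotect system.
# Paths and device names are hypothetical.
SAMPLE_MOUNTS = """\
/dev/sda1 /mnt/lower ext4 ro,relatime 0 0
tmpfs /mnt/upper tmpfs rw,relatime 0 0
none / aufs rw,relatime 0 0
/dev/sda2 /home ext4 rw,relatime 0 0
proc /proc proc rw,nosuid,nodev,noexec 0 0
"""

def parse_mounts(text):
    """Yield (device, mountpoint, fstype, option-set) for each mount line."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue                      # skip blank or malformed lines
        dev, mnt, fstype, opts = fields[:4]
        # /proc/mounts escapes spaces in paths as \040
        yield dev, mnt.replace("\\040", " "), fstype, set(opts.split(","))

def audit(text):
    """Return (root_is_union, [disk-backed mount points mounted rw])."""
    root_type = None
    persistent_rw = []
    for dev, mnt, fstype, opts in parse_mounts(text):
        if mnt == "/":
            root_type = fstype            # a later mount on / hides earlier ones
        if dev.startswith("/dev/") and "rw" in opts and fstype not in RAM_TYPES:
            persistent_rw.append(mnt)     # writes here reach the disk
    return root_type in UNION_TYPES, persistent_rw

if __name__ == "__main__":
    # Pass /proc/mounts as the argument; without one the sample is used.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_MOUNTS
    is_union, writable = audit(text)
    print("root is a union mount:", is_union)
    for mnt in writable:
        print("persistent read-write mount:", mnt)
```

The result describes the mount table only at the moment it is read, so it is a spot check and says nothing about later remounts.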