Absolutely not. There are parts of the installation that you could make read-only in theory, but any application needs caches, temporary working spaces and somewhere to write logs. Additionally, JIRA (and most of the other Atlassian apps) need places for data, thumbnails, indices, and and and.
Untangling what parts might be ok if made read only is a big task, and frankly not worth it. If someone has access to the file system to take advantage of read/write files, they've probably already got admin or even root and don't need JIRA to do their bad things.
Fair enough. I'm not worried about malicious access. I would like to ensure that the configuration is uniform across all instances and deploying from version control to a read-only directory is a technique I like to achieve this.
I agree the application needs to write logs, attachments, lucene indices, and temporary files. I was just curious if that could be configured to be separate from configuration directories (e.g. dbconfig.xml. server.xml, or setenv.sh).
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.