Andi Kleen wrote:
> > > Even root cannot delete immutable and append-only files again. So
> > > if every user was allowed to do that he/she could create a lot of
> > > problems for root (like creating undeletable files in /tmp)
> >
> > Root is already privileged to set/unset those bits on any file regardless
> > of ownership. It does not follow that this would change if users could
> > set those bits on their own files.
>
> In the original implementation (pre 2.0) that wasn't the case when secure
> level was > 0. securelevel was dropped later because it was broken.
> The root restriction is a leftover.

Given that, it might be useful to enable IMMUTABLE for ordinary user
files.

Here's a use:

    cp -al kernel kernel-branch
    chattr -R +i kernel

Proceed to edit files in `kernel-branch' -- safely knowing that nothing
you do there will alter the files in `kernel'. (Otherwise commands like
`prog > file' and some editors will change the hard-linked files).

enjoy,
-- Jamie
This archive was generated by hypermail 2b29 : Mon Jun 26 2000 - 21:00:05 EST
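
Added example, not part of the original message: a shell demonstration of the hard-link aliasing the message refers to, where `prog > file' in a `cp -al' copy changes the original while a write-then-rename edit does not. The file names and contents are constructed sample data, and the chattr step is left out because setting the flag needs root (CAP_LINUX_IMMUTABLE).

```shell
#!/bin/sh
# Added illustration; directory and file names are constructed sample data.

# Build a small tree and a hard-linked copy of it, as `cp -al` does.
make_trees() {
    root=$1
    mkdir -p "$root/kernel"
    printf 'original\n' > "$root/kernel/a.c"
    printf 'original\n' > "$root/kernel/b.c"
    cp -al "$root/kernel" "$root/kernel-branch"
}

# In-place write: `>` truncates the existing inode, which both names share.
edit_in_place() {
    printf 'edited\n' > "$1"
}

# Write-new-then-rename: the name ends up pointing at a fresh inode,
# which is what editors that "break" hard links do.
edit_by_rename() {
    tmp="$1.tmp.$$"
    printf 'edited\n' > "$tmp"
    mv -f "$tmp" "$1"
}

# Print "shared" if two paths are the same inode, else "separate".
link_state() {
    if [ "$1" -ef "$2" ]; then echo shared; else echo separate; fi
}

# Run both edit styles in the branch and report what happened to `kernel`.
demo() {
    root=$(mktemp -d)
    make_trees "$root"
    edit_in_place  "$root/kernel-branch/a.c"
    edit_by_rename "$root/kernel-branch/b.c"
    for f in a.c b.c; do
        printf '%s: %s, kernel copy reads "%s"\n' "$f" \
            "$(link_state "$root/kernel/$f" "$root/kernel-branch/$f")" \
            "$(cat "$root/kernel/$f")"
    done
    rm -rf "$root"
}

demo
```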