On Sat, 24 Jun 2000, Linda Walsh wrote:
> I could see a reason to deny IMMUTABLE to a user -- root might want to
> freeze a user file as 'evidence' of something, but that is a stretch.
Immutable means NOBODY can do anything bad with it, not even root. The
last thing I want is users setting immutable flags on my system.
It's mainly used as some anti-hack thing.
> Other than that, why was setting IMMUTABLE and APPEND-ONLY made to be a
> privileged operation? I could see end users wanting to protect certain
> files with those modes.
I don't. Use permissions.
> Also, APPEND-ONLY seems a bit of a misnomer
> as a file with APPEND-ONLY can still be readable as well.
Append-only means you can only write new data to it, not remove any. Very
handy for log-files :-)
> Just wondering about the rationale for things being the way they are...?
>
> tnx,
> -linda
>
> --
> Linda A Walsh | Trust Technology, Core Linux, SGI
> law@sgi.com | Voice: (650) 933-5338
Igmar
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Jun 26 2000 - 21:00:06 EST