On Sun, 25 Jun 2000, David Ford wrote:
> Simon Richter wrote:
>
> > > As root you are free to remove flags with chattr regardless of who set them.
> > Not without shutting down the machine.
>
> In kernels past, that would have been true and is a -good- thing. Today we have
> no securelevel to effect this.
>
> I favor the idea Viro has about two level permissions for users and root. user
> level immutable can be removed by root at any time. priviledged immutable
> requires securelevel++ and by that requires reboot for removal of the flag. a
> -very- good thing.
Securelevel is broken, stupid, and inflexible. Insted we have capabilities
and with a minor patch you ahve the same functionality as securelevel (
and then some)..
I don't understand what the purpose of having a user_immutable. Immutable
was put in as some kind of fix for morons who can't comprehend the -f flag
and it's consiquences. It's there as part of a system lockdown function.
If a user doesn't want to delete his files he can remove the w bit, if he
is -f ing hten it's his own damn problem, and if apps are doing it for him
then there are some broken apps. This is no reason to add cruft to the
kernel, and the filesystems.
Almost no one uses immutable as is anyways.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Jun 26 2000 - 21:00:07 EST