> I've just come across the fenomenon that the ext2fs APPEND
> flag can only be set by root...
>
> Now I wonder why? Why was this done and what are the security
> implications of allowing normal users to set the APPEND-only
> flag on their own files?
This would break things such as "userdel -r", as the flag must be unset
before removing such files (even as root). This would make things like
userdel unportable without a kludge for Linux...I wouldn't want this.
Also, we use "chattr +a .bash_history" on our web servers for suspicious
users -- it also wouldn't be good if they could undo this. This is just a
specific application, however.
Simon-
| Simon Kirby | Systems Administration |
| mailto:sim@netnation.com | NetNation Communications |
| http://www.netnation.com/ | Tech: (604) 684-6892 |
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html