Re: immutable flag on ext2fs

Alan Cox (alan@lxorguk.ukuu.org.uk)
Mon, 21 Jun 1999 21:24:43 +0100 (BST)


> Has any thought been given to restricting the alteration of the immutable
> flag on the ext2fs to the console. I know it is a quick fix because I have

It doesn't help a bit.

> set all my /bin files and /sbin files /boot/vmlinuz /etc/suff immutable
> and as long as my box is not physically compromised then I should be able
> to trust that all is well.

If they are able to cause damage, your box is going to be very broken if
they, for example, deleted all immutable files.

> FreeBSD does it through single user mode, which I believe is inappropriate
> since you may want to make system file changes on the fly.

There is a proper way to solve this. Use 2.0.37 and redefine the securelevel
to read from a parallel port or similar and check for a magic code. Now you
can wire yourself a superuser enable dongle.

Alan
