> Still, it's one of those things where the argument for adding a new
> user-settable immutable flag is probably strongest based on BSD 4.4
> derivitive compatibility, more than its own inherent usefulness.
> Comments?
It's not that much about 4.4-compatibility. It's about the fact that
using sudo to make your regular file append-only for a while is a kludge.
Rationale behind those flags:
a) when used with semantics of normal permission bits they are
useful. By themselves. Normal 12 bits do not cover that.
b) the same functionality is very useful on security-critical
files and directories and there it should be enforced much stronger - in
theory it should withstand root breaches (combined with securelevel, etc.)
or at least leave an audit trail after them.
As for the big change... Nope. I'm testing the patch right now.
It's small. I took 4 bits (0x10000-0x2000) and that should be changed in
the final version, indeed. But that means changing 4 macros. I *had*
a reason to move IMMUTABLE/APPEND_ONLY handling to VFS ;-) And that was
done several months ago. The rest is not large.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/