Re: immutable bit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: immutable bit
From: John Summerfied <debian@xxxxxxxxxxxxxxxxxxxxxx>
Date: Wed, 30 Nov 2005 10:42:52 +0800
In-reply-to: <5c06fa770511290803q2701e4a3t28cf0a5cb3da32df@xxxxxxxxxxxxxx>
List-help: <mailto:[email protected]?subject=help>
List-id: For users of Fedora Core releases <fedora-list.redhat.com>
List-post: <mailto:[email protected]>
List-subscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>
References: <d38630350511282335s33a5f1e1mcc0ebb3d938f5a88@xxxxxxxxxxxxxx> <20051129130713.GB5974@xxxxxxxxxxxxxxxxxxx> <5c06fa770511290803q2701e4a3t28cf0a5cb3da32df@xxxxxxxxxxxxxx>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20050417

Deron Meranda wrote:

On 11/29/05, James Wilkinson <fedora@xxxxxxxxxxxxxxxxxxx> wrote:

preeti malakar wrote:

Why is the immutable bit of all system binaries viz files in /sbin, /bin, /usr
not set, so that none can change or delete them?


As Paul said, that would stop yum and rpm from upgrading those programs
(say if the immutable binary has a security bug).



Also that would cause the prelink cronjob to fail...since it does
intentionally modify files.

There's nothing of course to keep you from setting the immutable
bit.  And if you're building a super hardened system perhaps you


If you're that paranoid, a ro filesystem's hard to beat.



--

Cheers
John

-- spambait
1aaaaaaa@xxxxxxxxxxxxxxxxxxxxxxx  Z1aaaaaaa@xxxxxxxxxxxxxxxxxxxxxxx
Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/

do not reply off-list

References:
- immutable bit
  - From: preeti malakar
- Re: immutable bit
  - From: James Wilkinson
- Re: immutable bit
  - From: Deron Meranda

Prev by Date: Is my hard drive ok ?
Next by Date: Re: Logwatch problem
Previous by thread: Re: immutable bit
Next by thread: Re: immutable bit
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]

Powered by Linux