FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

LinkBack Thread Tools
Old 03-08-2012, 01:22 PM
Default Securing Debian Manual: 4.16.2 The ext2 filesystem specific attributes (chattr/lsattr)


"In addition to the usual Unix permissions, the ext2 and ext3
filesystems offer a set of specific attributes that give you more
control over the files on your system."
What about ext4 and others?

"Now that the capability has been removed from the system, an intruder
cannot change any attribute on the protected files, and thus cannot
change or remove the files. If he forces the machine to reboot (which
is the only way to restore the capabilities bounding set), it will
easily be detected, and the capability will be removed again as soon
as the system restarts anyway. The only way to change a protected file
would be to boot the system in single-user mode or using another
bootdisk, two operations that require physical access to the machine
What about the remote connections?



To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: CAK5fS_H0gnYbx1NKx3ReTN-QY8bjx0WoKp2inRgVzJVyMDaLLg@mail.gmail.com">http://lists.debian.org/CAK5fS_H0gnYbx1NKx3ReTN-QY8bjx0WoKp2inRgVzJVyMDaLLg@mail.gmail.com

Thread Tools

All times are GMT. The time now is 08:24 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org