A noble thought indeed... to set the files in the readonly mode... so no
ones can write to them... excellent...
slight problem though... i wanna change my password now... any suggestion
how that will happen???
----- Original Message -----
From: Harshal Vaidya (CTS) <[EMAIL PROTECTED]>
To: Pune Lug (E-mail) <[EMAIL PROTECTED]>; Delhi Lug (E-mail)
<[EMAIL PROTECTED]>
Cc: Topica (E-mail) <[EMAIL PROTECTED]>
Sent: Tuesday, March 20, 2001 11:25 AM
Subject: [linux-delhi] immutable bit?( linux related)
>
> hi everybody,
>
> i have a question.
> thinking about security one of the major fears is of some user
> gaining root access to a system
> either remotely or locally.
> yesterday i came accross this commands called chattr and lsattr
> which apply to ext2 filesystems
> i learnt that there is this bit which they called the immutable bit
> which can be set or unset using
> the chattr command. Now according to the man pages a file whose
> immutable bit is set can be read
> but cannot be written , renamed , or deleted , however it can be
> copied.
>
> what if we set the immutable bit for /etc/passwd and /etc/shadow.
> both the files would become readonly
> completely.so , there exists no scope of some one changing his UID
> to 0 or gaining root access for that
> matter.
>
> well , please consider that i am new to linux security and i am
> learning fast and these are just some wild ideas
> i keep getting.They may be even stupid sometimes . however , its fun
> to share them with the (linux users group) guys and getting their
> opinions so please comment on this .
>
>
> Thank you,
> Harshal Vaidya.
>
>
>
----------------------------------------------------------------------------
----
> ------------------------------------------------
> An alpha version of a web based tool to manage
> your subscription with this mailing list is at
> http://lists.linux-india.org/cgi-bin/mj_wwwusr
>
------------------------------------------------
An alpha version of a web based tool to manage
your subscription with this mailing list is at
http://lists.linux-india.org/cgi-bin/mj_wwwusr
