Today, Linda Walsh gleaned this insight:
>
> > -----Original Message-----
> > From: owner-linux-kernel@vger.rutgers.edu
> > [mailto:owner-linux-kernel@vger.rutgers.edu]On Behalf Of Alexander Viro
> >
> > Erm... Folks, let me fill in a detail that seems to be missing here. Dunno
> > about BSDI, but 4.4BSD as it had been released (and {Free,Net,Open}BSD)
> > have more elaborate scheme - they have immutable and user-immutable.
> > Rules looks so: immutable is subject to securelevel limitations,
> > user-immutable is a normal attribute (can be set/reset the same way it is
> > for any other permission bit). Either of them prevents modification/unlinking/
> > renaming/creating a link to. That way one can have the security-enforcing
> > behaviour (normal immutable) _and_ normal users can use it as protection
> > on their files. Root can override the user-immutable (as every other
> > permission bit).
> ---
> This makes alot of sense.
>
> I would guess (?) that an accidental 'rm -fr' by root wouldn't remove
> normal 'immutable' files -- but that they would still be required to
> remove the immutable bit first? If not, root couldn't use user-level
> immutable w/o being afraid that they or a root level program wouldn't
> accidently remove the file same as today...
FWIW, I agree with this wholeheartedly.
-- PGP/GPG Public key at http://cerberus.ne.mediaone.net/~derek/pubkey.txt ------------------------------------------------------ Derek D. Martin | Unix/Linux Geek derekm@mediaone.net | derek@cerberus.ne.mediaone.net ------------------------------------------------------- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Jun 26 2000 - 21:00:07 EST