Re: IMMUTABLE and APPEND-ONLY rationales

From: Igmar Palsenberg (maillist@chello.nl)
Date: Mon Jun 26 2000 - 08:22:34 EST


> > Immutable means NOBODY can do anything bad with it, not even root. The
> > last thing I want is users setting immutable flags on my system.
>
> As root you are free to remove flags with chattr regardless of who set them.

Like I said: I don't feel much like doing a chattr -i on 1000 files.
>
> > It's mainly used as some anti-hack thing.
> >
> > > Other than that, why was setting IMMUTABLE and APPEND-ONLY made to be a
> > > privileged operation? I could see end users wanting to protect certain
> > > files with those modes.
> >
> > I don't. Use permissions.
>
> Permissions don't stop root from deleting a file in one step slip-ups.

Root is god, and should think about what he is doing.

> Permissions don't stop dhcpcd from screwing with your /etc/resolv.conf
> (client that doesn't support the option for NOT messing with it) or similar
> situations.
>
> Linux doesn't support a wide enough ACL list to rely completely on UGO
> permissions.

Agree on that one.
 
> -d

        Igmar
