> > Has any thought been given to restricting the alteration of the immutable
> > flag on the ext2fs to the console. I know it is a quick fix because I have
>
> It doesnt help a bit
>
> > set all my /bin files and /sbin files /boot/vmlinuz /etc/suff immutable
> > and as long as my box is not physically compromised then I should be able
> > to trust that all is well.
>
> If they are able to cause damage your box is going to be very broken if
> they for example deleted all immutable files
>
> > FreeBSD does it through single user mode, which I beleive is inappropriate
> > since you may want to make system file changes on the fly.
>
> There is a proper way to solve this. Use 2.0.37 and redefine the securelevel
> to read from a parallel port or similar and check for a magic code. Now you
> can wire yourself a superuser enable dongle .
>
> Alan
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.rutgers.edu
> Please read the FAQ at http://www.tux.org/lkml/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/