
Re: immutable bit?( linux related)



A noble thought indeed... to set the files in read-only mode... so no
one can write to them... excellent...
Slight problem though... I wanna change my password now... any suggestion
how that will happen???

----- Original Message -----
From: Harshal Vaidya (CTS) <HarshalV@xxxxxxxxxxxxxxxxx>
To: Pune Lug (E-mail) <plug-mail@xxxxxxxxxxxxxxxxxxxxx>; Delhi Lug (E-mail)
<linux-delhi@xxxxxxxxxxxxxxxxxxxxx>
Cc: Topica (E-mail) <PuneIT@xxxxxxxxxx>
Sent: Tuesday, March 20, 2001 11:25 AM
Subject: [linux-delhi] immutable bit?( linux related)


>
> Hi everybody,
>
> I have a question.
> Thinking about security, one of the major fears is of some user
> gaining root access to a system, either remotely or locally.
> Yesterday I came across these commands called chattr and lsattr,
> which apply to ext2 filesystems.
> I learnt that there is this bit which they called the immutable bit,
> which can be set or unset using the chattr command. Now, according to
> the man pages, a file whose immutable bit is set can be read
> but cannot be written, renamed, or deleted; however, it can be
> copied.
>
> What if we set the immutable bit for /etc/passwd and /etc/shadow?
> Both the files would become read-only completely, so there exists no
> scope of someone changing his UID to 0 or gaining root access for that
> matter.
>
> Well, please consider that I am new to Linux security and I am
> learning fast, and these are just some wild ideas I keep getting.
> They may even be stupid sometimes. However, it's fun
> to share them with the (Linux users group) guys and get their
> opinions, so please comment on this.
>
>
> Thank you,
> Harshal Vaidya.
>
>
>
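
An added example, not part of either message above: one way to handle the password-change problem the reply raises is to clear the immutable bit only for the duration of a single command and then set it again. The helper names `is_immutable` and `with_mutable` are hypothetical; the sketch assumes the e2fsprogs `chattr` and `lsattr` tools and a caller allowed to change the attribute (normally root).

```shell
#!/bin/sh
# Added example; is_immutable and with_mutable are hypothetical helper names.
# Intended use, as root:  with_mutable "/etc/passwd /etc/shadow" passwd alice

# Succeeds if the file currently carries the immutable ('i') attribute.
is_immutable() {
    # lsattr prints "<flags> <path>". Empty output (unsupported filesystem,
    # tool missing) is treated as "not immutable".
    flags=$(lsattr -d "$1" 2>/dev/null | awk '{print $1}')
    case "$flags" in
        *i*) return 0 ;;
        *)   return 1 ;;
    esac
}

# with_mutable "<space-separated files>" command [args...]
# Clears 'i' on the listed files that have it, runs the command, then
# restores 'i' on exactly those files, whether or not the command succeeded.
with_mutable() {
    files=$1; shift
    unlocked=""
    rc=0
    for f in $files; do
        if is_immutable "$f"; then
            if chattr -i "$f"; then
                unlocked="$unlocked $f"
            else
                rc=1        # could not unlock: skip the command, relock the rest
                break
            fi
        fi
    done
    if [ "$rc" -eq 0 ]; then
        "$@" || rc=$?       # the files are writable only while this runs
    fi
    for f in $unlocked; do
        chattr +i "$f" || rc=1
    done
    return "$rc"
}
```

Anyone who can clear the bit can also edit the files, so this protects against accidental or non-root modification rather than against an intruder who already holds root.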

