Re: immutable bit
From: John Summerfied (debian_at_herakles.homelinux.org)
Date: 11/30/05
- Previous message: Gerhard Magnus: "RE: playing audio CDs on FC4"
- In reply to: Deron Meranda: "Re: immutable bit"
- Next in thread: John Summerfied: "Re: immutable bit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Wed, 30 Nov 2005 10:42:52 +0800 To: For users of Fedora Core releases <fedora-list@redhat.com>
Deron Meranda wrote:
> On 11/29/05, James Wilkinson <fedora@westexe.demon.co.uk> wrote:
>
>>preeti malakar wrote:
>>
>>>Why is the immutable bit of all system binaries viz files in /sbin, /bin, /usr
>>>not set, so that none can change or delete them?
>>
>>As Paul said, that would stop yum and rpm from upgrading those programs
>>(say if the immutable binary has a security bug).
>
>
> Also that would cause the prelink cronjob to fail...since it does
> intentionally modify files.
>
> There's nothing of course to keep you from setting the immutable
> bit. And if you're building a super hardened system perhaps you
If you're that paranoid, a ro filesystem's hard to beat.
>
-- Cheers John -- spambait 1aaaaaaa@computerdatasafe.com.au Z1aaaaaaa@computerdatasafe.com.au Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/ do not reply off-list -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
- Previous message: Gerhard Magnus: "RE: playing audio CDs on FC4"
- In reply to: Deron Meranda: "Re: immutable bit"
- Next in thread: John Summerfied: "Re: immutable bit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
