Re: More file flags

Gerhard Mack (gmack@imag.net)
Sun, 15 Aug 1999 21:04:19 +0000


On Fri, 13 Aug 1999, Simon Richter wrote:

> On 12 Aug 1999, Nat Lanza wrote:
>
> > > - The flag can be set by any user
>
> Let me clarify this: ...on his files.
>
> > > - The owner may not change
> > > - The file can not be read
> >
> > Wait, so any user can cause any file on the system to become
> > unreadable? I suspect the script kiddies would have fun with setting
> > that flag on root-owned files. Even if the owner can unset the flag,
> > you could disrupt a lot of things by causing various files to be
> > temporarily unreadable.
>
> Good point, but they can have almost as much fun doing chmod 000
> /etc/passwd. :-)
>
> I think you cannot secure your system against being brought down and
> important parts deleted. This is what backups are for. The whole purpose
> of this flag would be to protect my private data from being read, not to
> free me from the obligation to keep backups.
>
> An idea would be to allow setting this flag only on files that are truly
> executable in the way that the kernel recognizes them, but...no. :-)
>
As root I can just read the raw partition. If you break that you break
ex2fsck.

Gerhard

--
gmack@imag.net

<>< As a computer I find your faith in technology amusing.
