[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Checksums on ftp

On Thu, Apr 27, 2000 at 01:13:34AM -0800, Ethan Benson wrote:
> this contrasts with linux's immutable bit that the superuser may
> remove whenever he wants, making it mostly pointless.  (i read

Yah I looked at it that way too at first.  Fwict, there are still two
advantages to using it however:

a) one means of "security through obscurity" where some folks who do
manage to hack a box will not be aware of the existence of the immutable
bit and will be confused when they are unable to delete the file despite
the necessary permissions (yah this is weak, but nevertheless real)  ;-)

b) more importantly, it will break some "log zapper" scripts often used
by script kiddies.  Some other vulnerabilities would be thwarted also,
where you use a vulnerability in one binary to over-write another
program's configuration file and make it heed your will.

Sorry if my message is a little incoherent, I just woke up and I can
hardly see or think yet.  :)

Reply to: