[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: secure file permissions

On Mon, 8 Dec 2003 19:16, "Domonkos Czinke" <domonkos.czinke@keystone.hu> 
> I recommend using the chattr program. You should set them immutable
> chattr +i /etc/passwd /etc/shadow /etc/group /etc/gshadow. Man chattr.

In a stock Linux kernel the permissions required to "chattr -i" a file are 
exactly the same as those required to write to /etc/passwd or /etc/shadow.

So what does this gain?

http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

Reply to: