Re: file attribute (append only) [War: ReiserFS]
Heiko Schlittermann <heiko@schlittermann.de> wrote:
> Ich glaub', irgendein BSD macht das so.
Das machen alle aktuellen BSDs so. Hier mal ein Auszug aus securelevel(7)
von OpenBSD 2.8:
-1 Permanently insecure mode
- init(8) will not attempt to raise the securelevel
- may only be set with sysctl(8) while the system is insecure
- otherwise identical to securelevel 0
0 Insecure mode
- used during bootstrapping and while the system is single-user
- all devices may be read or written subject to their permissions
- system file flags may be cleared
1 Secure mode
- default mode when system is multi-user
- securelevel may no longer be lowered except by init
- /dev/mem and /dev/kmem may not be written to
- raw disk devices of mounted file systems are read-only
- system immutable and append-only file flags may not be removed
- kernel modules may not be loaded or unloaded
2 Highly secure mode
- all effects of securelevel 1
- raw disk devices are always read-only whether mounted or not
- settimeofday(2) may not set the time backwards
- ipf(8) and ipnat(8) rules may not be altered
- the ddb.console and ddb.panic sysctl(8) variables may not be
raised
Es kann sein, dass es da leichte Unterschiede zwischen den einzelnen BSDs
gibt.
AFAIK bietet Linux-2.4 mittlerweile eine ähnliche Einrichtung wie die
Securelevels der *BSDs.
Bye
Michael
--
Bootest du noch einen Linux Kernel bevor du KDE startest?
(Christian Leber in uugrn@linuxbbs.org)
--
-----------------------------------------------------------
Um sich aus der Liste auszutragen schicken Sie bitte eine
E-Mail an debian-user-de-request@lehmanns.de die im Subject
"unsubscribe <deine_email_adresse>" enthaelt.
Bei Problemen bitte eine Mail an: Jan.Otto@Lehmanns.de
-----------------------------------------------------------
709 eingetragene Mitglieder in dieser Liste.
Reply to: