[TriLUG] purpose of immutable and append-only files?
jeremyp at pobox.com
jeremyp at pobox.com
Tue Oct 30 11:51:15 EST 2001
Hey,
I happened to read about about the special file options for ext2 (and
ext3) filesystems... the "lsattr" and "chattr" commands. It's possibly to
create immutable (read-only) and append-only files. It was said that
immutable files would be good for never-changing config files, and
append-only for things like log files, where you want to be sure previous
logs can't be altered. But since the root user can change these
attributes, what good are they from a security standpoint? How are they
any better than standard file permissions?
Thanks for any insight,
Jeremy
More information about the TriLUG
mailing list