SEO
vBulletin Search Engine Optimization
| |||||||
| Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-21-2008, 04:38 AM
| |||
| |||
 Re: Making files unremovable by root Fred FLintstone wrote: > Is there a way to make a file unremovable by root? > I have read the chmod man page but don't find anything there. > > Anyone else got any ideas? Other than mounting the filesystem read-only ... no. Root is all powerful. This is part of the reason it's recommened that you don't login as root. Steve      |
|
02-21-2008, 04:38 AM
| |||
| |||
| Re: Making files unremovable by root Steven J Masta <smasta@earthlink.net> wrote: > > Other than mounting the filesystem read-only ... no. Root is all > powerful. This is part of the reason it's recommened that you don't > login as root. Heh, you can prefix the name with a '-' which will make it harder for someone who doesn't know what they are doing to remove it from the command line.... - Kurt |
|
02-21-2008, 04:38 AM
| |||
| |||
| Re: Making files unremovable by root Steven J Masta wrote: > Fred FLintstone wrote: >> Is there a way to make a file unremovable by root? >> I have read the chmod man page but don't find anything there. >> >> Anyone else got any ideas? > > Other than mounting the filesystem read-only ... no. actually, that's only partially true. on ext2 file systems, you can use chattr to set the i attribute, which makes the file unmodifiable and undeletable, even by root. AFAIK ext2/3 is the only file system that supports this, though. -- Joost Kremers joostkremers@yahoo.com Selbst in die Unterwelt dringt durch Spalten Licht EN:SiS(9) |
|
02-21-2008, 04:38 AM
| |||
| |||
| Re: Making files unremovable by root Joost Kremers wrote: > Steven J Masta wrote: >> Fred FLintstone wrote: >>> Is there a way to make a file unremovable by root? >>> I have read the chmod man page but don't find anything there. >>> >>> Anyone else got any ideas? >> Other than mounting the filesystem read-only ... no. > > actually, that's only partially true. on ext2 file systems, you can use > chattr to set the i attribute, which makes the file unmodifiable and > undeletable, even by root. AFAIK ext2/3 is the only file system that > supports this, though. > XFS supports this as well |
|
02-21-2008, 04:38 AM
| |||
| |||
| Re: Making files unremovable by root Fred FLintstone wrote: > Is there a way to make a file unremovable by root? > I have read the chmod man page but don't find anything there. Another question: Why should someone need something like this? You *have* *to* create a regular user for your daily work! CU Manuel |
|
02-21-2008, 04:38 AM
| |||
| |||
| Re: Making files unremovable by root Joost Kremers wrote: > Steven J Masta wrote: >> Fred FLintstone wrote: >>> Is there a way to make a file unremovable by root? >>> I have read the chmod man page but don't find anything there. >>> >>> Anyone else got any ideas? >> Other than mounting the filesystem read-only ... no. > > actually, that's only partially true. on ext2 file systems, you can use > chattr to set the i attribute, which makes the file unmodifiable and > undeletable, even by root. AFAIK ext2/3 is the only file system that > supports this, though. > But root has the ability to remove the attribute (chattr -i file). It is not possible to make a file really non removable by root. But why would you like that? Olive |
|
02-21-2008, 04:38 AM
| |||
| |||
| Re: Making files unremovable by root Olive wrote: > But root has the ability to remove the attribute (chattr -i file). yes, of course. but setting the attribute means root cannot accidentally remove the file. > It is > not possible to make a file really non removable by root. But why would > you like that? i don't know... -- Joost Kremers joostkremers@yahoo.com Selbst in die Unterwelt dringt durch Spalten Licht EN:SiS(9) |
|
02-21-2008, 04:38 AM
| ||||
| ||||
| Re: Making files unremovable by root Joost Kremers <joostkremers@yahoo.com> wrote: >Olive wrote: >> But root has the ability to remove the attribute (chattr -i file). > >yes, of course. but setting the attribute means root cannot accidentally >remove the file. I don't see that as valid, but... >> It is >> not possible to make a file really non removable by root. But why would >> you like that? > >i don't know... I recall a dozen years or so ago that BSDI's unix had attributes that could only be set during boot, or something like that. The effect was that it required not just root access, but physical access to do real damage. I don't recall the details though. But the same effect can easily be accomplished today by mounting a DVD filesystem (or even booting a live DVD). It requires more than logging in as root over a network connection to alter the filesystem. -- Floyd L. Davidson <http://www.apaflo.com/floyd_davidson> Ukpeagvik (Barrow, Alaska) floyd@apaflo.com |
Linear Mode
