In article <[EMAIL PROTECTED]> you wrote: > Yes. I know, with immutable, even root cannot modify sensitive > files. What I am curious is if an intruder has root access, he may > have many ways to turn off the immutable protection and modify files.
If you secure your system correctly (i.e make /dev/*mem imutable, disalow module loading, restrict io... (and I admit it is quite complicated to find all holes and secure it correctly without additional ptches like SELinux)) then even root cant gt arround immutable or append only (without rebooting). Greetings Bernd - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
