Hi, I want to lock down a directory to be read-only, say, /etc, for system security. Unfortunately, some valid system tools might need to create/modified files like "/etc/dhclient-eth0.conf". To avoid disrupting the normal running of those tools, I might have to allow certain files to be created under /etc.
Is there any way that allows me to specify what files are allowed to be created while locking down the whole directory at most of the time? I think of adding an exception list as extend attributes of Ext3 filesystem, and changes the Ext3 filesystem to enforce the policy. But this method looks awful. Any elegant way to achieve this goal? Thanks xin - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
