Re: secure file permissions
On Mon, 8 Dec 2003 19:16, "Domonkos Czinke" <domonkos.czinke@keystone.hu>
wrote:
> I recommend using the chattr program. You should set them immutable
> chattr +i /etc/passwd /etc/shadow /etc/group /etc/gshadow. Man chattr.
In a stock Linux kernel the permissions required to "chattr -i" a file are
exactly the same as those required to write to /etc/passwd or /etc/shadow.
So what does this gain?
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: