[olug] lsattr
Mike McNally
mmcnally3 at prodigy.net
Sat Sep 16 18:45:51 UTC 2000
So far the only security info I have found re immutable files indicates
that the archival logfiles must be immutable or your security is very
weak. So it would appear that by responding to Brian's inquiry I have
let all the script kiddies on this list know that my logfiles are not
immutable.
So if my system were more secure the command, that Brian suggests that I
run, would have shown log files to be immutable... which is good, not
bad as he implies. Further, to run the command he suggests:
chattr -i ${AFFECTED_FILE}
would unset the immutable bit, placed on logfiles to enhance security,
thus reducing security. Is this the point where I should be thanking
you Brian?
mike
Mike McNally wrote:
>
> I found 3 immutable files in the mutt/charsets dir.
snip
> mike
snip
> > On Mon, 11 Sep 2000, Brian Roberson wrote:
> >
> > >
> > > I am sure someone will thank me later....
> > >
> > >
> > >
> > > lsattr -R / | grep "\-i\-"
> > >
> > > anything show up beside's the error's in /dev/ and /proc/ ??
> > >
> > >
> > > better look deeper then!!
> > >
> > > `man chattr`
> > >
> > > or the shortway:
> > >
> > > chattr -i ${AFFECTED_FILE}
---------------------------------------------------------------------
To unsubscribe, e-mail: olug-unsubscribe at bstc.net
For additional commands, e-mail: olug-help at bstc.net
More information about the OLUG
mailing list