Imutable bit

[Petr Snajdr]

Pavel JANIK ml. wrote:

>K vylistovani atributu slouzi prikaz lsattr,
> ke zmene chattr.

To jsem chtel vedet. :-) Diky.

Pavel JANIK ml. wrote:
> >    Ja si myslim, ze jakmile existuje na systemu neco jako /dev/kmem > >    (a to je,
> >    tusim, nezavisle na securelevel) a pomoci toho si mohu 
> >    securelevel zmenit,
> 
>    Ok, ale zase pouze jako superuser, ne normalni (!suser(), spise 
>    !fsuser()).

Asi to nechapu :-(
Prectav si situac. nekdo se vlomi do systemu a narazi na immutable bit.
Predpokladam, ze kdyz je nastaven i na /dev/kmem tak nemuzu r/w ani tam,
ale co mu brani v  mknod  /root/kmem c 1 2 a smele pokracovat dal ?
Da se tomuhle nejak zamezit ? pokud ne tak je cely immutable bit pouze
zajimavou hrackou nebo pomuckou pro ty, kdo nevi co delaji.
Pochopil jsem to spatne ? 
Jde vubec Linux "zabetonovat" tak, ze  mimo secureleve 0 budou i
superuser prava malo a nepujde to nijak jednoduse nebo slozite obejit ?

Jan Kurik wrote:

> >
> >       Funguje to jako Stacker, nebo DblSpace pod Win, akorat si muzu
> > nastavit, co chci a co nechci komprimovat
> 

See:
http://sunsite.unc.edu/pub/Linux/system/filesystems/dosfs/dmsdosfs-0.8.0a.lsm

dmsdos filesystem for Linux: extends msdos filesystem to allow
full read and restricted write access to msdos/win95 compressed
partitions (msdos files like dblspace.xxx and drvspace.xxx and
stacvol.xxx). The following configurations are supported:
   - DoubleSpace / DriveSpace compressed msdos 6.x partitions
     (read-write, fully supported),
   - DoubleSpace / DriveSpace compressed win95 partitions
     (read-write, fully supported),
   - DriveSpace 3 (from Plus! pack) compressed win95 partitions
     (read-write, without Ultra compression method support),
   - Stacker 3 compressed partitions (read-write, but write
     access currently without compression),
   - Stacker 4 compressed partitions (read-write)


a take http://sunsite.unc.edu/pub/Linux/system/filesystems/thsfs.lsm


S pozdravem
  Petr Snajdr