
[cobalt-users] "Chattr +i" on inetd.conf & the GUI



> I seriously thought "chattr -i" was all that
> was needed to remove "chattr" settings from a file,
>
>>It is, and that should tell you something
>>about how useless chattr is when
>>you don't have the machine set up to use it ;)
>>So don't play with it, if you had managed to
>>get it to work you would be in real trouble,
>>as a machine set up to use immutable file
>>attributes will not let even root turn
>>them off again, that's the ENTIRE point of them ;)

Ummmm, what would be the point of "chattr -i" if even
someone with root priv can't turn it off? 

I'm pretty sure these machines will allow you to set
chattr on any file.. I've done so on numerous security
related files, and they can't be touched, even as user
root unless you first issue the "chattr -i" command on
the file. Personally, I keep chattr on my hosts.deny
and hosts.allow files, as well as my firewall and the
file that holds the IPs of blocked ghouls from my
firewall to name a few. If Jr. managed to obtain
access to one of my systems, I certainly would want to
make it as difficult as possible for him/her to modify
several important (security) files, and he/she's not
going to do so with chattr set unless they get root...
I use this command with all my boxes as I'm a true
believer in security by layers.

>>As Taco posted, you probably just crashed 
>>the perl script and left a dead lock file in
>>var/lock....

Nope, that's not it.. I checked there first.. And it's
the same with ALL my RaQs that have chattr set on
inetd.conf. You can easily edit the inetd.conf file
via command line after issuing chattr -i
/etc/inetd.conf, but you can't edit the file without
removing chattr first. But when it comes to using the
GUI, it doesn't matter, it just returns the message
"/etc/inetd.conf is locked" regardless if you issue
"chattr -i /etc/inetd.conf" on the file prior to
trying to use the GUI..

Not that it's THAT big of a problem. Personally, I'd
rather have layers of security over convenience. I
mostly work from behind the command prompt anyway and
just edit the file by hand if ever need be... But I'm
just a little stumped as to why it's acting up inside
the GUI even when the command is issued/removed
first..<??> I did notice that it leaves a tmp file as
inetd.conf~ when it's done.

Thanks for your input, guys!
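
Added example, not part of the original post: since the flag has to be cleared with "chattr -i" for every hand edit, a periodic check that it was put back on each protected file is useful. The function below parses `lsattr` output and reports watched files that lack the immutable flag; the sample listing is constructed and `/etc/firewall.rules` is a hypothetical path standing in for the poster's firewall file.

```shell
#!/bin/sh
# Report watched files that lack the ext2/3/4 immutable ('i') attribute.
# stdin: `lsattr` output, one "<attribute string> <path>" pair per line.

# missing_immutable FILE...
# Prints each watched FILE whose attribute string has no 'i', and each FILE
# that does not appear in the listing at all (deleted, or never listed).
missing_immutable() {
    listing=$(cat)
    for want in "$@"; do
        # Exact path match, so a leftover "inetd.conf~" is never mistaken
        # for "inetd.conf".
        attrs=$(printf '%s\n' "$listing" |
            awk -v p="$want" '{ a = $1; sub(/^[^ ]+ +/, "")
                                if ($0 == p) { print a; exit } }')
        case "$attrs" in
            *i*) ;;                              # flag present, nothing to report
            "")  echo "$want (not listed)" ;;
            *)   echo "$want" ;;                 # listed, but not immutable
        esac
    done
}

# Constructed sample of lsattr output (not taken from a real machine).
SAMPLE='----i---------e------- /etc/hosts.allow
----i---------e------- /etc/hosts.deny
--------------e------- /etc/inetd.conf
--------------e------- /etc/inetd.conf~'

# Hypothetical watchlist: the files named in the post plus a placeholder
# path for the firewall rules file.
sample_report() {
    printf '%s\n' "$SAMPLE" | missing_immutable \
        /etc/hosts.allow /etc/hosts.deny /etc/inetd.conf /etc/firewall.rules
}

# Against a live system the same function would be fed real output:
#   lsattr /etc/hosts.allow /etc/hosts.deny /etc/inetd.conf 2>/dev/null |
#       missing_immutable /etc/hosts.allow /etc/hosts.deny /etc/inetd.conf
sample_report
```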
