From owner-freebsd-questions Fri May 26 02:57:22 1995 Return-Path: questions-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id CAA21474 for questions-outgoing; Fri, 26 May 1995 02:57:22 -0700 Received: from gaudi.diatel.upm.es (gaudi.diatel.upm.es [138.100.49.10]) by freefall.cdrom.com (8.6.10/8.6.6) with SMTP id CAA21468 for ; Fri, 26 May 1995 02:57:16 -0700 Received: by gaudi.diatel.upm.es (4.1/SMI-4.1) Fri, 26 May 95 11:53:59 +0200 X400-Received: by mta diatel.upm in /PRMD=/ADMD=/C=/; Relayed; Fri, 26 May 1995 11:53:55 UTC+0200 X400-Received: by /PRMD=iris/ADMD=mensatex/C=es/; Relayed; Fri, 26 May 1995 11:53:55 UTC+0200 Date: Fri, 26 May 1995 11:53:55 UTC+0200 X400-Originator: jmrueda@diatel.upm.es X400-Recipients: non-disclosure:; X400-Content-Type: P2-1984 (2) X400-Mts-Identifier: [/PRMD=iris/ADMD=mensatex/C=es/;950526115355] Content-Identifier: 706 Conversion: Prohibited From: Javier Martin Rueda To: questions@FreeBSD.org Message-Id: <706*/S=jmrueda/OU=diatel/O=upm/PRMD=iris/ADMD=mensatex/C=es/@MHS> Subject: Which files should have append-only and immutable flags? Mime-Version: 1.0 (Generated by Ean X.400 to MIME gateway) Sender: questions-owner@FreeBSD.org Precedence: bulk I've been experimenting a little bit with the chflags command, and I was wondering if there exists any recommendation about which files should have the system append-only and system immutable flags on? After a quick thinking, it seems that probably the following directories and all the files inside should be immutable, as they are not supposed to change in the operating system's lifetime: /sbin, /usr/sbin, /bin, /usr/bin, /usr/lib, /usr/X11R6/bin, /usr/X11R6/lib The files in the following directories should be immutable, but the directory should not, as new files can be added. The directory may be append-only: /usr/local/bin, /usr/local/lib Several configuration files that are not supposed to change should be immutable, such as: /etc/rc, /etc/services, /etc/protocols... And it would be interesting that some log files were append-only, such as: /var/log/messages, /var/log/wtmp... However, with the latter files, there's the problem that you cannot rename them, compress them, or delete them so that you cannot rotate the logs while multiuser. Of course, for all this to work, the system security level should be 1 or 2. Does anybody use flags, and can give some advise about their use? PD: by the way, if a normal user tries to set a system flag in one of his files, he doesn't succeed, but he gets no error either. Is that supposed to be ok? I think that "operation not permitted" should be returned.