Date: Fri, 16 Feb 2001 12:42:49 -0500 (EST) From: Rob Simmons <rsimmons@wlcg.com> To: Rasputin <rasputin@FreeBSD-uk.eu.org> Cc: security@FreeBSD.ORG Subject: Re: File flags Message-ID: <Pine.BSF.4.21.0102161241440.82155-100000@mail.wlcg.com> In-Reply-To: <20010216133331.A48008@dogma.freebsd-uk.eu.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Turn off log rotation and set the append only flag Robert Simmons Systems Administrator http://www.wlcg.com/ On Fri, 16 Feb 2001, Rasputin wrote: > * Ragnar Beer <rbeer@uni-goettingen.de> [010216 13:17]: > > Howdy! > > > > I'm wondering which files I should protect with file flags. So far I only > > protected a couple of flags in /var/log but last week I read that someone > > Is that a good idea? What happens if they need ot be rotated? > > > suggested making files in the /bin /sbin /etc directories immutable. How much > > sense does that make? > > Depends what securelevel you're in. > > Also there is a case for saying that this makes intrusions harder > to detect, although that sounds to me like saying: > "If the cupboards in your house are locked up, how are you > supposedd to tell when you've been burgled?" > > -- > Rasputin > Jack of All Trades :: Master of Nuns > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0102161241440.82155-100000>