Date: Tue, 17 Sep 2002 11:02:13 +0100
From: Matthew Seaman
To: Jimmy Lantz
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: mount read only || chflags schg & sec level 2

On Tue, Sep 17, 2002 at 10:39:10AM +0200, Jimmy Lantz wrote:
> I'm looking for a way to write protect
> some files what's the pros and cons
> with having the file on a separate partition and mount that read-only
> or use the chflags schg and go to kernel security level 2?

Either should work fine at keeping your files read-only, but you're probably going over the top here. If your system can be compromised to the extent that the normal filesystem protections can be overruled, then the game is up anyhow --- someone with that level of access can easily get around the sort of restrictions you're proposing.

If the intent is to prevent accidental deletion or modification of the files while you're logged in as root, then 'chflags schg' is probably appropriate --- you don't need to run at secure level 2 for the schg flag to take effect, but you can only turn off schg at secure level 0 or lower.

If you're really paranoid about the files, then you could consider storing the files on a medium that is read-only at the hardware level: e.g. write the files to a CD-RW, which you then mount from a CD-ROM drive, or use a hard drive you've jumpered to be read-only.

Or you could use a file integrity checker, like tripwire (ports: security/tripwire) --- you can keep the tripwire checksum database on a write protected floppy.

You should also store known good copies of the file off-line as a backup: hardware failure is very good at erasing files despite all the precautions a sysadmin can take.

Cheers,

Matthew

--
Dr Matthew J Seaman MA, D.Phil.
26 The Paddocks
Savill Way
Marlow
Bucks., SL7 1TH UK
Tel: +44 1628 476614
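
An added example, not part of the original message: a small Python audit that reports, for each file, whether schg is set and whether the current kern.securelevel still lets root clear it. The function names and result labels are assumptions made for illustration; SF_IMMUTABLE is the stat-module constant for the schg flag.

```python
import os
import stat
import subprocess
import sys

def classify(st_flags, securelevel):
    """Decide how well schg protects a file, given its flags and the securelevel."""
    if st_flags is None:
        return "unsupported"        # this OS exposes no BSD file flags
    if not st_flags & stat.SF_IMMUTABLE:
        return "unprotected"        # schg not set (uchg alone does not count)
    if securelevel is None:
        return "schg-set"           # flag present, securelevel could not be read
    if securelevel <= 0:
        return "schg-clearable"     # root can still run 'chflags noschg'
    return "schg-locked"            # flag cannot be cleared at this securelevel

def read_securelevel():
    """Return kern.securelevel as an int, or None where it is unavailable."""
    try:
        out = subprocess.run(["sysctl", "-n", "kern.securelevel"],
                             capture_output=True, text=True, check=True).stdout
        return int(out.strip())
    except (OSError, subprocess.CalledProcessError, ValueError):
        return None

def audit(paths):
    """Map each path to its protection label under the running securelevel."""
    level = read_securelevel()
    report = {}
    for path in paths:
        # st_flags exists only on systems with BSD-style file flags
        flags = getattr(os.stat(path), "st_flags", None)
        report[path] = classify(flags, level)
    return report

if __name__ == "__main__":
    for path, label in audit(sys.argv[1:]).items():
        print(f"{label:15} {path}")
```
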