Return to BSD News archive
Xref: sserve comp.unix.bsd.misc:158 comp.unix.bsd.bsdi.misc:574
Path: sserve!euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!simtel!noc.netcom.net!news.sprintlink.net!newsfeed.internetmci.com!news.mathworks.com!news.kei.com!usenet
From: ckd@loiosh.kei.com (Christopher Davis)
Newsgroups: comp.unix.bsd.misc,comp.unix.bsd.bsdi.misc
Subject: Re: Circumventing immutable file protections
Date: 9 Aug 1995 02:08:59 GMT
Organization: Darth Vader School of Personnel Management
Lines: 14
Sender: ckd@loiosh.kei.com
Message-ID: <4095br$3tj@kragar.kei.com>
References: <DCvE8s.15A@candle.pha.pa.us>
NNTP-Posting-Host: loiosh.kei.com
In-reply-to: root@candle.pha.pa.us's message of Sun, 6 Aug 1995 03:41:16 GMT
X-Attribution: ckd
BM> == Bruce Momjian <root@candle.pha.pa.us>
BM> If a hacker broke into a system, wouldn't he do his mischief, then
BM> add entries to /etc/rc to truncate or modify the log files and then
BM> cause a reboot.
Make /etc/rc immutable, and he won't. (You want security? Make LOTS of
stuff immutable. Sure, it's a bit more of a pain to maintain, but it's
also a lot more of a pain to try to break into...)
--
Christopher Davis * <ckd@kei.com> * <URL:http://www.kei.com/homepages/ckd/>
512/03829F89 = D7 C9 A7 80 8C 84 3F B2 27 E1 48 61 BF FC 18 B4
1024/66CB73DD = 46 8E FD F5 12 8E 13 4C 2C 8A 92 A3 B0 D5 2A 5E
[ Public keys available by finger, WWW, or keyserver ]