From: Kyle Moffett <mrmacman_g4@mac.com>
To: DervishD <lkml@dervishd.net>
Cc: dean gaudet <dean-list-linux-kernel@arctic.org>,
Xin Zhao <uszhaoxin@gmail.com>,
linux-kernel@vger.kernel.org
Subject: Re: Why Ext2/3 needs immutable attribute?
Date: Sat, 23 Apr 2005 16:37:34 -0400 [thread overview]
Message-ID: <ba1e71adc21a7b85ac989786540aee87@mac.com> (raw)
In-Reply-To: <20050423191213.GA505@DervishD>
On Apr 23, 2005, at 15:12, DervishD wrote:
> * Kyle Moffett <mrmacman_g4@mac.com> dixit:
>>> another usage: if you "chattr +i /var" while /var is unmounted,
>>> then root is unlikely to accidentally create files/dirs in /var --
>>> and when you mount the real /var on top it works fine. i tend to
>>> protect all my mount points this way (especially those in /mnt) to
>>> avoid my own dumb mistakes.
>> If you chmod 000 /var beforehand (While it's still unmounted, of
>> course), then it's also blindingly obvious that it's not mounted in
>> an ls -l :-D. I too have used this trick on many/most of my
>> systems.
> I was doing exactly that, but it has its drawbacks: root still
> can create files by accident. [...]
Ah, I meant in combination with the above trick:
# umount /var
# chmod 000 /var
# chattr +i /var
# ls -alhd /var
d--------- 2 root root 68 Apr 23 16:36 /var
# mount /var
If I forget to mount var, not only can I not create files, I'll also
notice when I "ls -alh /".
Cheers,
Kyle Moffett
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCM/CS/IT/U d- s++: a18 C++++>$ UB/L/X/*++++(+)>$ P+++(++++)>$
L++++(+++) E W++(+) N+++(++) o? K? w--- O? M++ V? PS+() PE+(-) Y+
PGP+++ t+(+++) 5 X R? tv-(--) b++++(++) DI+ D+ G e->++++$ h!*()>++$ r
!y?(-)
------END GEEK CODE BLOCK------
next prev parent reply other threads:[~2005-04-23 20:37 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-04-17 15:54 Why Ext2/3 needs immutable attribute? Xin Zhao
2005-04-17 16:03 ` Willy Tarreau
2005-04-17 16:12 ` Xin Zhao
2005-04-17 16:23 ` Kyle Moffett
2005-04-17 16:27 ` Willy TARREAU
2005-04-17 19:47 ` Bernd Eckenfels
2005-04-17 23:48 ` Xin Zhao
2005-04-18 1:53 ` Bernd Eckenfels
2005-04-17 19:45 ` Bernd Eckenfels
2005-04-23 16:50 ` dean gaudet
2005-04-23 18:33 ` DervishD
2005-04-23 18:49 ` Kyle Moffett
2005-04-23 19:12 ` DervishD
2005-04-23 20:37 ` Kyle Moffett [this message]
2005-04-23 22:54 ` DervishD
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ba1e71adc21a7b85ac989786540aee87@mac.com \
--to=mrmacman_g4@mac.com \
--cc=dean-list-linux-kernel@arctic.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lkml@dervishd.net \
--cc=uszhaoxin@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.