*BSD News Article 48436


Return to BSD News archive

Xref: sserve comp.unix.bsd.misc:158 comp.unix.bsd.bsdi.misc:574
Path: sserve!euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!simtel!noc.netcom.net!news.sprintlink.net!newsfeed.internetmci.com!news.mathworks.com!news.kei.com!usenet
From: ckd@loiosh.kei.com (Christopher Davis)
Newsgroups: comp.unix.bsd.misc,comp.unix.bsd.bsdi.misc
Subject: Re: Circumventing immutable file protections
Date: 9 Aug 1995 02:08:59 GMT
Organization: Darth Vader School of Personnel Management
Lines: 14
Sender: ckd@loiosh.kei.com
Message-ID: <4095br$3tj@kragar.kei.com>
References: <DCvE8s.15A@candle.pha.pa.us>
NNTP-Posting-Host: loiosh.kei.com
In-reply-to: root@candle.pha.pa.us's message of Sun, 6 Aug 1995 03:41:16 GMT
X-Attribution: ckd

BM> == Bruce Momjian <root@candle.pha.pa.us>

 BM> If a hacker broke into a system, wouldn't he do his mischief, then
 BM> add entries to /etc/rc to truncate or modify the log files and then
 BM> cause a reboot.

Make /etc/rc immutable, and he won't.  (You want security?  Make LOTS of
stuff immutable.  Sure, it's a bit more of a pain to maintain, but it's
also a lot more of a pain to try to break into...)
-- 
Christopher Davis * <ckd@kei.com> * <URL:http://www.kei.com/homepages/ckd/>
     512/03829F89 =  D7 C9 A7 80 8C 84 3F B2  27 E1 48 61 BF FC 18 B4
    1024/66CB73DD =  46 8E FD F5 12 8E 13 4C  2C 8A 92 A3 B0 D5 2A 5E
	  [ Public keys available by finger, WWW, or keyserver ]