Firewalls: Re: Linux as a Firewall Platform

Firewalls
(December 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Linux as a Firewall Platform
From:	lists @ lina . inka . de (Bernd Eckenfels)
Date:	Wed, 18 Dec 1996 02:29:41 +0100 (MET)
To:	firewalls @ GreatCircle . COM
In-reply-to:	<Pine . LNX . 3 . 95 . 961217201427 . 31061A-100000 @ co . numerix . com> from "Greg Whalin" at Dec 17, 96 08:17:48 pm

Hello,

> How does one go about setting the append-only and/or immutable flags?

See chattr(1):

#       The letters `Sacdisu' select the new  attributes  for  the
#       files:  synchronous  updates  (S),  append  only (a), com-
#       pressed (c), immutable (i), no dump (d),  secure  deletion
#       (s), and undeletable (u).


> Also, how would you patch sysctl.c in order to get write acess?  just
> change the 0444 to 0644 in the line :

AFAIK yes. The strategy function will ensure that you can only increase the
value. (PID 1 could decrease it). In addition to that you have to remove
module support from kernel, this wont be blocked by securelevel.

Greetings
Bernd

Follow-Ups:

Re: Linux as a Firewall Platform
From: Ambrose Li <news-misc @ byron . net4 . io . org>

References:

Re: Linux as a Firewall Platform
From: Greg Whalin <gwhalin @ numerix . com>

Indexed By Date	Previous:	Re: Linux as a Firewall Platform From: Greg Whalin <gwhalin @ numerix . com>
Indexed By Date	Next:	Re: Linux as a Firewall Platform From: C Matthew Curtin <cmcurtin @ research . megasoft . com>
Indexed By Thread	Previous:	Re: Linux as a Firewall Platform From: Greg Whalin <gwhalin @ numerix . com>
Indexed By Thread	Next:	Re: Linux as a Firewall Platform From: Ambrose Li <news-misc @ byron . net4 . io . org>