> How does one go about setting the append-only and/or immutable flags?
# The letters `Sacdisu' select the new attributes for the
# files: synchronous updates (S), append only (a), com-
# pressed (c), immutable (i), no dump (d), secure deletion
# (s), and undeletable (u).
> Also, how would you patch sysctl.c in order to get write acess? just
> change the 0444 to 0644 in the line :
AFAIK yes. The strategy function will ensure that you can only increase the
value. (PID 1 could decrease it). In addition to that you have to remove
module support from kernel, this wont be blocked by securelevel.