Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Freeze system
Special Forums Cybersecurity Freeze system Post 302840089 by nimafire on Sunday 4th of August 2013 11:10:33 AM
Old 08-04-2013
Quote:
Originally Posted by unSpawn
On systems that support MAC you may be able to modify a policy to deny writes to files, denying policy alteration and denying reboot (convoluted).
can you explain more?how can i do this?
Quote:
On file systems that support it you can set the immutable bit (weak). On file systems that do not support extended attributes you could mount another /root directory over it with the ro flag set (even weaker option).

*Do note anyone with root privileges can undo things. Also note immutable files are of no use if the real cause of the problem should not be addressed through the use of technology (as in PEBCAK).
how about scrub command? is it possible to set it to files i need to prevent any changes by other ?
 

8 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

PHP5 Script 'Freeze' before exiting

I recently upgraded a system from php 4.4.2 to php 5.2.1, and one of my scripts has started behaving very strangely. I've tried google but come up blank so far. Basically what the script does is select a large amount of data from a mysql (4.1.21) database, do some manipulation, the plots a graph... (4 Replies)
Discussion started by: Unbeliever
4 Replies

2. Linux

Read data of a page frame (linux) make freeze the system

Hello, I'm writing a linux driver that reading the data of a page frame of an process. But when I use it, it make immediately freeze the system. Can you help me? Thank for reading my question! system: Ubuntu 9.04, kernel 2.6.28.15, Intel Duo static int read_addr(int pid, unsigned long... (2 Replies)
Discussion started by: hahai
2 Replies

3. Linux

How to trace the module after system freeze?

Hi, I wrote a kernel module that did a virtual network protocol and library that provide interface for application use to interact with the kernel module by ioctl actions. insmod the module and unload the module, there will be no problem. But once I call the library with my example... (0 Replies)
Discussion started by: a2156z
0 Replies

4. SCO

Help on System Freeze in SCO

Hi, My SCO server freezes suddenly. I just want to know if there any tools / commands availble that can find which is causing the freeze? Any help on this would be greatly appreciated. Regards, Ravikumar R (4 Replies)
Discussion started by: rrb2009
4 Replies

5. AIX

Freeze user in one directory

Guy's I have user calld appuser home directory of this user is : /app/application when this user login , user will be direct under this directory /app/application I want to keep and freeze this user in his home directory to be able to access only his home directory and denied it... (2 Replies)
Discussion started by: Mr.AIX
2 Replies

6. SCO

SCO 6.0 Freeze

Hi Gurus I have installed SCO 6.0 open server on Dell R710 server. It has frozen three times afte installtion. and I had to cold reboot to bring the server back again. I need to know where to look for the reason it froze. The keyboard on the server the asterisk key is pressed, even... (13 Replies)
Discussion started by: atish0
13 Replies

7. Linux

grub2 startup freeze

I got a dual boot with grub2, but everytime I turn on the computer and the booter is loaded, I can't handle the menu, so I am forced to wait the countdown and choose the default option. I'd really like to know why! This is my grub.cfg, # # DO NOT EDIT THIS FILE # # It is automatically... (0 Replies)
Discussion started by: Luke Bonham
0 Replies

8. Solaris

Solaris 11 install freeze

Hi, I tried to boot the Solaris 11 install DVD the other day and I can't get past the "SunOS" text banner on the clear/newscreen. It just hangs with a solid block cursor. I have a new computer and that might be the problem, but what I want is more verbosity maybe, some kind of detailed... (2 Replies)
Discussion started by: eax
2 Replies

LEARN ABOUT FREEBSD

extattrctl

EXTATTRCTL(8)						    BSD System Manager's Manual 					     EXTATTRCTL(8)

NAME

     extattrctl -- manage UFS1 extended attributes

SYNOPSIS

     extattrctl start path
     extattrctl stop path
     extattrctl initattr [-f] [-p path] attrsize attrfile
     extattrctl showattr attrfile
     extattrctl enable path attrnamespace attrname attrfile
     extattrctl disable path attrnamespace attrname

DESCRIPTION

     The extattrctl utility is the management utility for extended attributes over the UFS1 file system.  It allows the starting and stopping of
     extended attributes on a file system, as well as initialization of attribute backing files, and enabling and disabling of specific extended
     attributes on a file system.

     The first argument on the command line indicates the operation to be performed.  Operation must be one of the following:

     start path
	     Start extended attribute support on the file system named using path.  The file system must be an UFS1 file system, and the
	     UFS_EXTATTR kernel option must have been enabled.

     stop path
	     Stop extended attribute support on the file system named using path.  Extended attribute support must previously have been started.

     initattr [-f] [-p path] attrsize attrfile
	     Create and initialize a file to use as an attribute backing file.	You must specify a maximum per-inode size for the attribute in
	     bytes in attrsize, as well as the file where the attribute will be stored, using attrfile.

	     The -f argument may be used to indicate that it is alright to overwrite an existing attribute backing file; otherwise, if the target
	     file exists, an error will be returned.

	     The -p path argument may be used to preallocate space for all attributes rather than relying on sparse files to conserve space.  This
	     has the advantage of guaranteeing that space will be available for attributes when they are written, preventing low disk space condi-
	     tions from denying attribute service.

	     This file should not exist before running initattr.

     showattr attrfile
	     Show the attribute header values in the attribute file named by attrfile.

     enable path attrnamespace attrname attrfile
	     Enable an attribute named attrname in the namespace attrnamespace on the file system identified using path, and backed by initialized
	     attribute file attrfile.  Available namespaces are "user" and "system".  The backing file must have been initialized using initattr
	     before its first use.  Attributes must have been started on the file system prior to the enabling of any attributes.

     disable path attrnamespace attrname
	     Disable the attributed named attrname in namespace attrnamespace on the file system identified by path.  Available namespaces are
	     "user" and "system".  The file system must have attributes started on it, and the attribute most have been enabled using enable.

EXAMPLES

	   extattrctl start /

     Start extended attributes on the root file system.

	   extattrctl initattr 17 /.attribute/system/md5

     Create an attribute backing file in /.attribute/system/md5, and set the maximum size of each attribute to 17 bytes, with a sparse file used
     for storing the attributes.

	   extattrctl enable / system md5 /.attribute/system/md5

     Enable an attribute named md5 on the root file system, backed from the file /.attribute/system/md5.

	   extattrctl disable / md5

     Disable the attribute named md5 on the root file system.

	   extattrctl stop /

     Stop extended attributes on the root file system.

SEE ALSO

     ffs(7), getextattr(8), setextattr(8), extattr(9)

HISTORY

     Extended attribute support was developed as part of the TrustedBSD Project, and introduced in FreeBSD 5.0.  It was developed to support secu-
     rity extensions requiring additional labels to be associated with each file or directory.

AUTHORS

     Robert N M Watson

BSD
								  March 30, 2000							       BSD
All times are GMT -4. The time now is 02:14 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy