Visit The New, Modern Unix Linux Community


Freeze system


 
Thread Tools Search this Thread
Special Forums Cybersecurity Freeze system
# 1  
Freeze system

hello
is there any freeze software for Linux-redhat system to prevent any changes on /root


(wish open topic on right forum)
# 2  
Quote:
Originally Posted by nimafire
is there any freeze software for Linux-redhat system to prevent any changes on /root
On systems that support MAC you may be able to modify a policy to deny writes to files, denying policy alteration and denying reboot (convoluted). On file systems that support it you can set the immutable bit (weak). On file systems that do not support extended attributes you could mount another /root directory over it with the ro flag set (even weaker option).

*Do note anyone with root privileges can undo things. Also note immutable files are of no use if the real cause of the problem should not be addressed through the use of technology (as in PEBCAK).
This User Gave Thanks to unSpawn For This Post:
# 3  
Quote:
Originally Posted by unSpawn
On systems that support MAC you may be able to modify a policy to deny writes to files, denying policy alteration and denying reboot (convoluted).
can you explain more?how can i do this?
Quote:
On file systems that support it you can set the immutable bit (weak). On file systems that do not support extended attributes you could mount another /root directory over it with the ro flag set (even weaker option).

*Do note anyone with root privileges can undo things. Also note immutable files are of no use if the real cause of the problem should not be addressed through the use of technology (as in PEBCAK).
how about scrub command? is it possible to set it to files i need to prevent any changes by other ?
# 4  
Quote:
Originally Posted by nimafire
can you explain more?how can i do this?
Mandatory Access Controls (MAC) like SELinux or TOMOYO allow you to create a policy that can deny access to files. The problem, and that's why I said it would probably be convoluted, is that it is unlikely that any existing policies will match your needs so you'll have to write your own policy: tedious, bothersome and no guarantee your policy works until you have tested it. If you want to learn more best read the documentation first.


Quote:
Originally Posted by nimafire
how about scrub command?
Never heard of it.


Quote:
Originally Posted by nimafire
is it possible to set it to files i need to prevent any changes by other ?
Immutable bit, yes.

Previous Thread | Next Thread
Thread Tools Search this Thread
Search this Thread:
Advanced Search

Test Your Knowledge in Computers #186
Difficulty: Easy
The primary role of a Moderator at UNIX.com is to enforce the community rules and guidelines.
True or False?

8 More Discussions You Might Find Interesting

1. Solaris

Solaris 11 install freeze

Hi, I tried to boot the Solaris 11 install DVD the other day and I can't get past the "SunOS" text banner on the clear/newscreen. It just hangs with a solid block cursor. I have a new computer and that might be the problem, but what I want is more verbosity maybe, some kind of detailed... (2 Replies)
Discussion started by: eax
2 Replies

2. Linux

grub2 startup freeze

I got a dual boot with grub2, but everytime I turn on the computer and the booter is loaded, I can't handle the menu, so I am forced to wait the countdown and choose the default option. I'd really like to know why! This is my grub.cfg, # # DO NOT EDIT THIS FILE # # It is automatically... (0 Replies)
Discussion started by: Luke Bonham
0 Replies

3. SCO

SCO 6.0 Freeze

Hi Gurus I have installed SCO 6.0 open server on Dell R710 server. It has frozen three times afte installtion. and I had to cold reboot to bring the server back again. I need to know where to look for the reason it froze. The keyboard on the server the asterisk key is pressed, even... (13 Replies)
Discussion started by: atish0
13 Replies

4. AIX

Freeze user in one directory

Guy's I have user calld appuser home directory of this user is : /app/application when this user login , user will be direct under this directory /app/application I want to keep and freeze this user in his home directory to be able to access only his home directory and denied it... (2 Replies)
Discussion started by: Mr.AIX
2 Replies

5. SCO

Help on System Freeze in SCO

Hi, My SCO server freezes suddenly. I just want to know if there any tools / commands availble that can find which is causing the freeze? Any help on this would be greatly appreciated. Regards, Ravikumar R (4 Replies)
Discussion started by: rrb2009
4 Replies

6. Linux

How to trace the module after system freeze?

Hi, I wrote a kernel module that did a virtual network protocol and library that provide interface for application use to interact with the kernel module by ioctl actions. insmod the module and unload the module, there will be no problem. But once I call the library with my example... (0 Replies)
Discussion started by: a2156z
0 Replies

7. Linux

Read data of a page frame (linux) make freeze the system

Hello, I'm writing a linux driver that reading the data of a page frame of an process. But when I use it, it make immediately freeze the system. Can you help me? Thank for reading my question! system: Ubuntu 9.04, kernel 2.6.28.15, Intel Duo static int read_addr(int pid, unsigned long... (2 Replies)
Discussion started by: hahai
2 Replies

8. Shell Programming and Scripting

PHP5 Script 'Freeze' before exiting

I recently upgraded a system from php 4.4.2 to php 5.2.1, and one of my scripts has started behaving very strangely. I've tried google but come up blank so far. Basically what the script does is select a large amount of data from a mysql (4.1.21) database, do some manipulation, the plots a graph... (4 Replies)
Discussion started by: Unbeliever
4 Replies

Featured Tech Videos