UNIX for Dummies Questions & Answers

Is there any way to create a file in linux that root user also can't delete?

No, unless it is on an NFS filesystem where the server does not permit the client to have update access. Of course, then you have to secure the server.......

You cannot prevent root from being root.

Some filesystems like ext3 have extended options you can set for a file to make it undeletable even by root. Root can also turn this bit back off.

You cannot prevent root from being root.

If your security plan, depends on preventing root from being root, it's fatally flawed.

Just burn the file on to a CD. It will mount read-only. Root won't be able to delete that.

I thought that I had seen thumb drives with a switch to render them read-only. But I don't see any now. Maybe I was just dreaming.

That is brilliant and simple!

SD-cards also have a read-only switch.

The problem is that root can always un-mount it and the file has 'gone'. I suppose that's true of my NFS suggestion too.

It's a puzzler. What is the need for an un-deleteable file anyway?


If we understood that, then maybe we have something more to consider.



Robin

Back in the 80's I worked for a company that had source code licenses to System V Unix and HP-UX. Management, in their wisdom, had decreed that the software developers had access to root. I put the source code on a read-only partition. This protected it from programmers that sat all day in a root shell and always used "vi" rather than "view". They were clueless but not malicious.

My current employer works with some US government agencies and one of them examined a linux system prior to being connected to closed network. One of the changes they demanded was for me to set the immutable flag on grub.conf. So I did. And yes, root can turn off the flag, change the file, then turn the flag back on. I also thought that grub.conf was odd choice to be the only file needing extra protection.