Rixstep

The Immutables

Why - and how - the 'input manager cure' works.


The Unix 'extended attribute' flags can be used to lock files down in a myriad of ways.

System Flags
10000 archived
20000 immutable
40000 append

User Flags
0001 no dump
0002 immutable
0004 append
0008 opaque

The flags are above and beyond ordinary file modes. They can be accessed both programmatically and from the command line.

The command line version accepts either a comma-separated list of keywords or an octal value.

The user 'immutable' flag prevents the item from being overwritten, deleted, moved, or renamed, regardless of other permissions.

The system 'immutable' flag does likewise, but it can only be set by the superuser and only be reset in single user mode - something trojans aren't going to be able to do.

If applied to 'InputManagers' directories, the 'immutable' flags can effectively prevent tampering. If the system 'immutable' flag is set, then no action short of a reset in single user mode will remove it.

User flags may be set by the item's owner or the superuser; system flags are set only by the superuser. Full documentation can be found in the manpage.

% man -a chflags
NAME
     chflags - change file flags

SYNOPSIS
     chflags [-R [-H | -L | -P]] flags file ...


NAME
     chflags, fchflags - set file flags

SYNOPSIS
     #include <sys/stat.h>
     #include <unistd.h>

     int
     chflags(const char *path, u_long flags);

     int
     fchflags(int fd, u_long flags);
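
An added example, not from the original article: a Python audit that reads each directory's st_flags and reports whether it carries the system or the user 'immutable' flag. The two InputManagers paths and the function names are assumptions; the bit values are the ones in <sys/stat.h>, paired with the chflags(1) keywords.

```python
import os
import stat

# Hex bit values from <sys/stat.h>, paired with their chflags(1) keywords.
FLAGS = [
    (stat.SF_ARCHIVED, "arch"),
    (stat.SF_IMMUTABLE, "schg"),
    (stat.SF_APPEND, "sappnd"),
    (stat.UF_NODUMP, "nodump"),
    (stat.UF_IMMUTABLE, "uchg"),
    (stat.UF_APPEND, "uappnd"),
    (stat.UF_OPAQUE, "opaque"),
]

def decode_flags(flags):
    """Return the chflags keywords for every known bit set in flags."""
    return [name for bit, name in FLAGS if flags & bit]

def lock_level(flags):
    """'system' if the system immutable bit is set, 'user' if only the
    user immutable bit is set, otherwise 'none'."""
    if flags & stat.SF_IMMUTABLE:
        return "system"
    if flags & stat.UF_IMMUTABLE:
        return "user"
    return "none"

def audit(paths, stat_fn=os.lstat):
    """Map each path to 'missing', 'unsupported', or its lock level."""
    report = {}
    for path in paths:
        try:
            st = stat_fn(os.path.expanduser(path))
        except FileNotFoundError:
            report[path] = "missing"
            continue
        flags = getattr(st, "st_flags", None)  # absent on e.g. Linux
        report[path] = "unsupported" if flags is None else lock_level(flags)
    return report

# Assumed locations; the article names the directories but gives no paths.
INPUT_MANAGER_DIRS = ["/Library/InputManagers", "~/Library/InputManagers"]

if __name__ == "__main__":
    for path, level in audit(INPUT_MANAGER_DIRS).items():
        print(f"{level:12} {path}")
```

A result of 'user' means the item's owner can still clear the flag; only 'system' requires single user mode to reset.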

See Also
The Chocolate Tunnel
Input Managers - The Cure
Peeking Inside the Chocolate Tunnel

Copyright © Rixstep. All rights reserved.