
The Immutables

Why - and how - the 'input manager cure' works.

The Unix 'extended attribute' flags can be used to lock files down in a myriad of ways.

System Flags        User Flags
10000 archived      0001 no dump
20000 immutable     0002 immutable
40000 append        0004 append
                    0008 opaque

The flags are above and beyond ordinary file modes. They can be accessed both programmatically and from the command line.

The command line version accepts either a comma-separated list of keywords or an octal value.

The user 'immutable' flag prevents the item from being overwritten, deleted, moved, or renamed, regardless of other permissions.

The system 'immutable' flag does likewise, but it can only be set by the superuser and only be reset in single user mode - something trojans aren't going to be able to do.

If applied to 'InputManagers' directories, the 'immutable' flags can effectively prevent tampering. If the system 'immutable' flag is set, then no action short of a reset in single user mode will remove it.

User flags may be set by the item's owner or the superuser; system flags are set only by the superuser. Full documentation can be found in the manpage.

% man -a chflags
     chflags - change file flags

     chflags [-R [-H | -L | -P]] flags file ...

     chflags, fchflags - set file flags

     #include <sys/stat.h>
     #include <unistd.h>

     int chflags(const char *path, u_long flags);

     int fchflags(int fd, u_long flags);
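
An added example, not from the original article: a Python audit that reads the flags of an InputManagers directory and lists every item below it that carries no immutable flag. Flags apply per item, so a flag on the directory does not by itself lock what sits in its subdirectories (that is what chflags -R is for). The two directory paths and all function names are assumptions; the keywords are those of chflags(1).

```python
import os
import stat

# Keywords as accepted by chflags(1); bit values come from Python's stat module.
KEYWORDS = [
    (stat.SF_ARCHIVED, "arch"), (stat.SF_IMMUTABLE, "schg"),
    (stat.SF_APPEND, "sappnd"), (stat.UF_NODUMP, "nodump"),
    (stat.UF_IMMUTABLE, "uchg"), (stat.UF_APPEND, "uappnd"),
    (stat.UF_OPAQUE, "opaque"),
]

def decode(flags):
    """Return the chflags keywords for every known bit set in flags."""
    return [name for bit, name in KEYWORDS if flags & bit]

def lock_level(flags):
    """'system' if the system immutable bit is set, else 'user', else 'none'."""
    if flags & stat.SF_IMMUTABLE:
        return "system"
    return "user" if flags & stat.UF_IMMUTABLE else "none"

def read_flags(path):
    """Flags of path itself (symlinks not followed); None if the platform has none."""
    return getattr(os.lstat(path), "st_flags", None)

def unlocked_entries(root, read=read_flags):
    """List root and every descendant that carries no immutable flag."""
    paths = [root]
    for dirpath, dirs, files in os.walk(root):
        paths += [os.path.join(dirpath, n) for n in sorted(dirs + files)]
    return [p for p in paths if lock_level(read(p) or 0) == "none"]

if __name__ == "__main__":
    # Assumed locations of the InputManagers directories; adjust as needed.
    for root in ("/Library/InputManagers",
                 os.path.expanduser("~/Library/InputManagers")):
        if not os.path.lexists(root):
            print(f"{root}: absent")
            continue
        flags = read_flags(root) or 0
        print(f"{root}: {lock_level(flags)} lock, flags={decode(flags)}")
        for path in unlocked_entries(root):
            print(f"  not immutable: {path}")
```

A directory reported with a 'user' lock can have the flag cleared by its owner; only the 'system' level needs the single user mode reset described above.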

See Also
The Chocolate Tunnel
Input Managers - The Cure
Peeking Inside the Chocolate Tunnel

Copyright © Rixstep. All rights reserved.