Re: Root can't delete files
From: Fabrice MARIE (fabrice@celestix.com)Date: 10/11/01
- Previous message: Nick Sugiero: "Identd DoS Attacks"
- In reply to: Jose Nazario: "Re: Root can't delete files"
- Next in thread: Simon Burns: "Re: Root can't delete files"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-Id: <200110110752.f9B7qHe04476@fabrice.celestix.com> From: Fabrice MARIE <fabrice@celestix.com> To: Jose Nazario <jose@biocserver.BIOC.cwru.edu>, Nicolas Bock <nbock@buffalo.edu> Subject: Re: Root can't delete files Date: Thu, 11 Oct 2001 15:52:16 +0800
Hi,
On Thursday 11 October 2001 03:18, Jose Nazario wrote:
> thats very true, yes. however, LIDS can be used to prevent this, so that
> with kernel settings (which require a reboot to effect) even root cannot
> make modifications, no matter what they try, not until these kernel flags
> are cleared and the system rebooted. couple that to firmware/BIOS level
> passwords, and you're set. you can build up a trusted computing base this
> way. something to consider. and sorry for any confusion earlier, thanks for
> requesting the clarification.
I like very much RSBAC for it's desing/power :
http://www.rsbac.org/
You can administer your box using roles (among others
but roles are powerful and simple...) to prevent
fools from playing around or simply to prevent admin's typos from
becoming a disaster.
Have a nice day,
Fabrice.
-- Fabrice MARIE Senior R&D Engineer Celestix Networks http://www.celestix.com/"Silly hacker, root is for administrators" -Unknown
- Previous message: Nick Sugiero: "Identd DoS Attacks"
- In reply to: Jose Nazario: "Re: Root can't delete files"
- Next in thread: Simon Burns: "Re: Root can't delete files"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
