On Thu, Nov 29, 2001 at 06:36:32PM -0800, Alvin Oga wrote: > lids tries to prevent you and [h/cr]ackers from changing > files its supposed to be protecting... > a simple "attr +i /etc/passwd" will prevent it from > being changed too
attr permissions can be changed by anyone who has managed to get root permissions. Not so with lids... changing files protected by lids requires a special passphrase. That way even if someone manages to get root (via buffer overflow or whatever) they will find themselves unable to install root kits and the like... assuming that your system is secured properly. attr perms are really only useful in preventing you (root) from accidently erasing something and so forth: it doesn't provide any actual security functionality. Lids is just one part of system security. Tripwire, libsafe, etc all still have important roles. -- John Patton [EMAIL PROTECTED] "I know the answer! The answer lies within the heart of all mankind! The answer is twelve? I think I'm in the wrong building." -Peppermint Patty,
