APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed


© December 2003 Tony Lawrence

Linux ext2 and ext3 file systems support adding extra attributes to files. You do this with "chattr". The most common attribute is "immutable", which prevents a file from being changed or deleted, even by root (of course root can simply use chattr to remove the immutable flag). This can add protection against buffer overflow and other security escalation attacks.

The man page for chattr talks of other attributes that are supposed to be implemented someday, but it has been saying so for quite a while now. Unfortunately, it gets more confusing. While "man chattr" still says that the "-s" (secure deletion) flag isn't supported, the Design and Implementation of the Second Extended Filesystem page says that it works:

An attribute allows the users to request secure deletion on files. When such a file is deleted, random data is written in the disk blocks previously allocated to the file. This prevents malicious people from gaining access to the previous content of the file by using a disk editor.

But in fact it doesn't, at least not on my systems. Apparently it was deliberately removed (from https://www.securityfocus.com/infocus/1407):

Although earlier kernels honored the 'secure deletion' flag, during the development of the 1.3 series the developers dropped the implementation of this property since it seemed to provide at best only a trivial amount of additional security and at worst a false sense of real security to users unfamiliar with the inherent problems of any 'secure deletion' scheme.

The man page also says that the -c (compression) attribute doesn't work. You can, however, add that with the e2compr patch. Note this 1998 mention of adding it to the kernel.
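As an added example (not from the original article), the shell function below audits `lsattr` output for a set of files you expect to be locked down: it reports files missing the immutable `i` flag and files carrying the `s` or `c` attributes that the article says are not honored. The function names, report labels and sample paths are assumptions made up for illustration, and the sample listing is constructed.

```shell
#!/bin/sh
# Added example; not code from the original article.
# audit_lsattr reads `lsattr` output on stdin ("<flags> <path>" per line)
# and prints one finding per line:
#   UNENFORCED <path> <letter>  's' or 'c' is set; the article says these
#                               are not acted on, so do not rely on them
#   MUTABLE <path>              the immutable 'i' flag is missing
audit_lsattr() {
    awk '
    NF >= 2 {
        flags = $1
        # Path is everything after the flags field (it may contain spaces).
        path = $0
        sub(/^[^ \t]+[ \t]+/, "", path)
        # index() is case-sensitive, so S, C and I are not confused
        # with s, c and i.
        if (index(flags, "s")) print "UNENFORCED " path " s"
        if (index(flags, "c")) print "UNENFORCED " path " c"
        if (!index(flags, "i")) print "MUTABLE " path
    }'
}

# Constructed sample listing (hypothetical paths), in lsattr's layout.
sample_lsattr() {
    cat <<'EOF'
----i--------e-- /srv/demo/sshd_config
-------------e-- /srv/demo/notes.txt
s------------e-- /srv/demo/secret.key
s---i--------e-- /srv/demo/old key.pem
--------c----e-- /srv/demo/archive.log
EOF
}

# Demo run on the constructed sample; on a real system you would pipe
# `lsattr <files expected to be immutable>` into audit_lsattr instead.
sample_lsattr | audit_lsattr
```

A file that shows up as MUTABLE can be locked with `chattr +i` as root; an UNENFORCED finding means the attribute should not be counted as a control.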
