LinuxPlanet - Tips - Viewing and Changing Ext2/3 File Attributes With chattr and lsattr

Home | Hardware | Internet News |Web Hosting |IT Management |Network Storage

Search
	Power Search \| Tips

Front Door
Discussion
LinuxEngine
Opinions
Reports
Reviews
Tutorials
News
Technology Jobs

Browse by subject.

Free Newsletter

Server Daily
More Free Newsletters

Be a Commerce Partner

internet.com

IT
Developer
Internet News
Small Business
Personal Technology

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers

LinuxPlanet / Tips

Viewing and Changing Ext2/3 File Attributes With chattr and lsattr

Juliet Kemp
Sunday, March 29, 2009 05:19:17 PM

chattr allows you to change some of the attributes of files in ext2 and ext3 Linux filesystems. Here are a couple of useful options. The syntax is
chattr +option filename
and options can be reversed with -option.
+i: Makes a file immutable: even root can't alter it. This is useful to protect against accidentally altering particularly important files.

+a: Sets files such that they can only be appended to, not overwritten. If you set this for your logfiles, if an attacker gets access to the machine, they can't rewrite the logs to hide the breakin.
Two things to bear in mind:
An attacker with full root access could simply use the -a flag to remove this protection. Look into the lcap utility to remove the capability to make this change from the kernel (after which it will take a reboot to restore it).

Setting this attribute will break log rotation. It's a tradeoff between that slight inconvenience and the advantages of much better audit.

-S (note capitalization): The file equivalent of setting mount -o sync for a directory. Instead of holding the data in a buffer and writing to disk asynchronously (which improves performance but slightly increases the risk of data corruption), the write happens immediately when the change is made. On a per-file basis the performance hit is minor, so this may be useful, again, for particularly important files.

The -R flag will set these attributes recursively (chattr -R +i /directory). You can also see the attributes set for a particular file by using lsattr filename.

Article courtesy of Serverwatch

Linux is a trademark of Linus Torvalds.


	home \| search \| help! \| about us

The Network for Technology Professionals

About Internet.com

Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | E-mail Offers

Whitepapers and eBooks

PDF: Security Reference Guide
PDF: Data and Identity Security
PDF: Secure Remote Access 101

Helpful Cloud Computing Resources
MORE WHITEPAPERS, EBOOKS, AND ARTICLES

Webcasts

User Experience Management Indicators for Business and IT Success
Ensuring Performance Meets Business and Web User Needs

MORE WEBCASTS, PODCASTS, AND VIDEOS

Downloads and eKits

IBM DB2 e-kit for Database Professionals: Extending Skills is Fast and Easy
Get BlackBerry Enterprise Server Express for Free

MORE DOWNLOADS, EKITS, AND FREE TRIALS

Tutorials and Demos

Demo: Google Site Search
Virtual Event: Master Essential Techniques for Leveraging the Cloud
Article: Explore Application Lifecycle Management Tools in Visual Studio 2010
Internet.com Hot List: Get the Inside Scoop on IT and Developer Products

New Security Solutions Using Intel(R) vPro(TM) Technology
All About Botnets
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES