Implementing fully immutable files
Like all Unix-like systems, Linux implements the traditional protection
bits controlling who can access files in a filesystem (and what access
they have). Fewer users, perhaps, are aware of a set of additional
permission bits hidden away behind the chattr
and lsattr
commands. Among other things, these bits can make a file append-only,
mark a file to be excluded from backups, cause a file's data to be automatically
overwritten on deletion, or make a file immutable. The implementation of
many of these features is incomplete at best, so perhaps it's not
surprising that immutable files can still be changed in certain
limited circumstances. Darrick Wong has posted a
patch set changing this behavior, implementing a user-visible
behavioral change that he describes as "an extraordinary way to
destroy everything".
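The attribute bits the paragraph refers to live in the inode and are read through the `FS_IOC_GETFLAGS` ioctl, which is what `lsattr` does under the hood. The following added example (not code from the article or from the patch set it discusses) reads those flags from Python, decodes the bits named above (immutable, append-only, no-dump, secure-deletion) plus a few siblings from `linux/fs.h`, and audits a list of paths that an administrator expects to be immutable. The ioctl number is derived from the `_IOR('f', 1, long)` formula rather than hard-coded, so it works on both 32- and 64-bit Linux; the `EXPECTED_IMMUTABLE` paths are constructed placeholders for illustration.

```python
"""Read and audit the chattr/lsattr inode flags (Linux only)."""
import ctypes
import errno
import fcntl
import os
import struct

# Flag values from linux/fs.h; the letters are the ones lsattr prints.
FLAG_BITS = [
    (0x00000001, "secure-deletion"),  # s  FS_SECRM_FL
    (0x00000002, "undeletable"),      # u  FS_UNRM_FL
    (0x00000004, "compressed"),       # c  FS_COMPR_FL
    (0x00000008, "sync"),             # S  FS_SYNC_FL
    (0x00000010, "immutable"),        # i  FS_IMMUTABLE_FL
    (0x00000020, "append-only"),      # a  FS_APPEND_FL
    (0x00000040, "no-dump"),          # d  FS_NODUMP_FL
    (0x00000080, "no-atime"),         # A  FS_NOATIME_FL
]
FS_IMMUTABLE_FL = 0x00000010


def _ioc_getflags() -> int:
    """Compute FS_IOC_GETFLAGS = _IOR('f', 1, long) for this architecture."""
    ioc_read = 2                      # _IOC_READ direction
    size = ctypes.sizeof(ctypes.c_long)
    return (ioc_read << 30) | (size << 16) | (ord("f") << 8) | 1


def decode_flags(flags: int) -> list:
    """Return the human-readable names of the attribute bits set in `flags`."""
    return [name for bit, name in FLAG_BITS if flags & bit]


def get_flags(path: str):
    """Read the inode flags of `path`, or None if the filesystem lacks them.

    No privilege is needed to read the flags; only setting them with
    FS_IOC_SETFLAGS (what chattr does) requires CAP_LINUX_IMMUTABLE for
    the immutable and append-only bits.
    """
    fd = os.open(path, os.O_RDONLY | os.O_NONBLOCK)
    try:
        buf = bytearray(ctypes.sizeof(ctypes.c_long))
        fcntl.ioctl(fd, _ioc_getflags(), buf)
        # The kernel writes an int; take the low 4 bytes in native order.
        return struct.unpack("@i", bytes(buf[:4]))[0]
    except OSError as e:
        if e.errno in (errno.ENOTTY, errno.EOPNOTSUPP, errno.EINVAL):
            return None               # e.g. tmpfs/overlay without attribute support
        raise
    finally:
        os.close(fd)


def audit_immutable(paths) -> list:
    """Return the paths that are NOT immutable (missing bit, no support, or absent).

    Useful for checking that files an operator locked with `chattr +i`
    still carry the bit, since the flag is the only thing protecting them.
    """
    missing = []
    for p in paths:
        try:
            flags = get_flags(p)
        except FileNotFoundError:
            missing.append(p)
            continue
        if flags is None or not (flags & FS_IMMUTABLE_FL):
            missing.append(p)
    return missing


if __name__ == "__main__":
    # Constructed placeholder list; replace with the files you actually lock.
    EXPECTED_IMMUTABLE = ["/etc/resolv.conf", "/etc/hosts"]
    for p in EXPECTED_IMMUTABLE:
        try:
            flags = get_flags(p)
        except FileNotFoundError:
            print(f"{p}: missing")
            continue
        print(f"{p}: {'unsupported' if flags is None else decode_flags(flags) or ['-']}")
    print("not immutable:", audit_immutable(EXPECTED_IMMUTABLE))
```

Run it as root or as an ordinary user; reading flags never needs privilege, so the audit can run from a low-privilege monitoring account. On filesystems without attribute support `get_flags` returns `None` and the path is reported as not immutable, which is the conservative answer for an audit.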
