chflags(1) is the BSD equivalent of the Linux chattr(1) command. File flags (attributes) provide extensions to the UNIX file permissions of read, write, and execute. They can be used to prevent even the superuser from modifying or deleting sensitive files.

For example, setting the schg (system change/immutable) flag can help protect against rootkits by preventing operating system binaries from being deleted or modified:

chflags -R schg /bin /sbin /usr/bin /usr/sbin

In Linux, lsattr(1) is used to view file attributes. In BSD, you instead add the -o switch to a long listing (ls -lo), as seen in Figure C-2. The schg indicates that this binary has the system immutable flag set. Only the superuser can remove this flag and, depending upon the securelevel, he or she may have to drop the system down to single-user mode in order to do so.
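To audit whether the flag is actually in place, the long listing can be filtered for entries that lack schg. The script below is an added example, not taken from the original text; the function name missing_schg is hypothetical, the listing is a constructed sample, and it assumes the FreeBSD ls -lo layout with the flags in the fifth column and file names without spaces.

```shell
#!/bin/sh
# Added example: report files that do NOT carry the schg flag.
# Input: `ls -lo` output on stdin (assumed layout: flags in column 5).

missing_schg() {
    awk '
        # Directory header such as "/bin:" printed when several dirs are listed
        NF == 1 && $1 ~ /^\/.*:$/ { dir = substr($1, 1, length($1) - 1); next }
        # Blank lines and "total N" lines carry fewer than 10 fields
        NF < 10 { next }
        # Symbolic links: chflags without -h does not flag the link itself
        $1 ~ /^l/ { next }
        {
            has = 0
            n = split($5, flags, ",")          # e.g. "schg,uchg"
            for (i = 1; i <= n; i++) if (flags[i] == "schg") has = 1
            if (!has) print (dir == "" ? $NF : dir "/" $NF)
        }
    '
}

# Constructed sample listing (not captured from a real system)
SAMPLE='/bin:
total 96
-r-xr-xr-x  1 root  wheel  schg       13312 Jan  1 12:00 cat
-r-xr-xr-x  1 root  wheel  -          25600 Jan  1 12:00 ls
-r-xr-xr-x  1 root  wheel  schg,uchg  40960 Jan  1 12:00 sh
lrwxr-xr-x  1 root  wheel  -              2 Jan  1 12:00 shlink -> sh

/sbin:
total 64
-r-xr-xr-x  1 root  wheel  schg       51200 Jan  1 12:00 init
-r-xr-xr-x  1 root  wheel  -          30720 Jan  1 12:00 mount'

printf '%s\n' "$SAMPLE" | missing_schg
```

On a BSD host, replace the sample with the live listing: ls -lo /bin /sbin /usr/bin /usr/sbin | missing_schg.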
