chattr for hackers

Chapter 5, “The Filesystem”, in the “UNIX and Linux System Administration Handbook” is yet another boring chapter, bar the excellent overview of ACLs, but it still has a bit of fun going on.

Linux defines a set of supplemental flags that can be set on files to request special handling.
The immutable and append-only flags (i and a) were largely conceived as ways to make the system more resistant to tampering by hackers or hostile code. Unfortunately, they can confuse software and protect only against hackers that don’t know enough to use chattr -ia. Real-world experience has shown that these flags are more often used by hackers than against them.

The problem that the immutable attribute presents for configuration management systems is also mentioned. I tend to agree with that, with one caveat. Sometimes complex intersections of administrative domains are in place, so it is easier to make a pinpoint adjustment with the immutable attribute on a leaf system than to introduce changes at a higher level.

An example of such a situation is using a “managed” virtual machine from a big cloud provider. It is often convenient to have a VM centrally “managed”, but a little extra local flexibility is sometimes well warranted.
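
Since these flags turn up both as deliberate local pins and as something an intruder left behind, it helps to know which files carry them. The following is an added example, not from the original post or the handbook: a shell check that reads lsattr output, lists files with the immutable or append-only attribute, and leaves out paths the administrator pinned on purpose. The sample listing, the function names and the allowlisted path are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit lsattr output for the
# immutable (i) and append-only (a) attributes.

TAB=$(printf '\t')

# Constructed sample in `lsattr -R` format: "<flags> <path>", plus the
# "dir:" headers and blank lines that -R emits.
sample_lsattr() {
    cat <<'EOF'
----i---------e------- /etc/resolv.conf
--------------e------- /etc/hostname
-----a--------e------- /var/log/app.log

/srv/data:
-------------Ie------- /srv/data/index
----ia--------e------- /usr/local/bin/helper
EOF
}

# stdin: lsattr output. stdout: "<i|a|ia><TAB><path>" per flagged file.
flagged_attrs() {
    while IFS= read -r line; do
        case $line in *' '*) ;; *) continue ;; esac   # headers, blank lines
        flags=${line%% *}
        path=${line#* }
        # A flags field holds only letters and dashes; skip anything else.
        case $flags in ''|*[!A-Za-z-]*) continue ;; esac
        hit=
        case $flags in *i*) hit=i ;; esac       # lowercase i = immutable;
        case $flags in *a*) hit=${hit}a ;; esac # uppercase I/A are other flags
        if [ -n "$hit" ]; then printf '%s\t%s\n' "$hit" "$path"; fi
    done
}

# Same, minus paths given as arguments (flags the admin set on purpose).
unexpected_flagged() {
    flagged_attrs | while IFS=$TAB read -r hit path; do
        known=no
        for ok in "$@"; do
            if [ "$ok" = "$path" ]; then known=yes; fi
        done
        if [ "$known" = no ]; then printf '%s\t%s\n' "$hit" "$path"; fi
    done
}

# Demo on the constructed sample; on a real host: lsattr -R /etc 2>/dev/null
sample_lsattr | unexpected_flagged /etc/resolv.conf
```

On a real system, pipe `lsattr -R <dir> 2>/dev/null` into `unexpected_flagged` and pass the paths you pinned yourself as arguments; anything left in the output is a flag nobody on the admin side accounts for.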