Linux extension hide attributes with the lsattr/chattr command

Linux extended hidden attributes and the lsattr/chattr Command 1 and ext3 hidden attributes are supported in the kernel 2.2 and 2.4 series. the ext3 file system supports setting and querying the following attributes: AAtime. Tell the system not to modify the last access time to this file ....
Linux extended hidden attributes and the hidden attributes of lsattr/chattr Command 1 and ext3 are supported in kernel 2.2 and 2.4 series. the ext3 file system supports setting and querying the following attributes: A Atime. Tell the system not to modify the last access time to this file. S Sync. Once the application writes the file, the system immediately writes the modification result to the disk. A Append Only. The system can only append data after the file, and does not allow any process to overwrite or intercept the file. If the directory has this attribute, the system will only allow the creation and modification of files under this directory, and will not allow the deletion of any files. I Immutable. The system does not allow any modifications to this file. If the directory has this attribute, any process can only modify files under the Directory, and does not allow creation or deletion of files. D No dump. During file system backup, the dump program ignores this file. C Compress. The system compresses the file transparently. When reading from this file, the returned data is extracted. when writing data to this file, the data is first compressed before being written to the disk. S Secure Delete. Let the system fill in the area of the file with 0 when deleting this file. U Undelete. When an application requests to delete this file, the system will keep its data block so that the file can be restored and deleted later. Www.2cto.com 2. attributes supported by each kernel version: * allow setting and make the setting take effect. I allow setting this flag but ignore its value-ignore this flag completely 1.0 1.2 2.0 2.2 A--*** S ***** a-***** I-***** d-***** c I 3, lsattr display hide the property command: this command is generally available. if not, download the source code of this toolkit to compile and install it: http://sourceforge.net/projects/e2fsprogs The lsattr command only supports a few options. the options are as follows:-a lists all files in the directory, including files starting. -D www.2cto.com lists the directories in the same way as the files and displays their contents. -R recursively lists the attributes and contents of a directory. -V: list file versions (used for network file system NFS ). 4. the chattr setting command can be executed in the following three ways: chattr + Si test.txt to add synchronization and immutable attributes to the test.txt file. Chattr-ai test.txt removes the append-only attributes and immutable attributes of the file. Chattr = aiA test.txt makes the test.txt file only have attributes a, I, and. Finally, each command supports the-R option to recursively operate directories and their subdirectories. 5. what should we do with chattr? The host is directly exposed to the Internet or in other dangerous environments. There are many shell accounts or network services such as HTTP and FTP. Generally, the following command should be used after the installation and configuration is complete: www.2cto.com chattr-R + I/bin/boot/etc/lib/sbin chattr-R + I/usr/bin/usr/include/usr/lib/usr/sbin chattr + /var/log/messages/var/log/secure (...) if you rarely add, change, or delete an account, setting/home to the immutable attribute will not cause any problems. In many cases, the entire/usr directory tree should also have unchangeable attributes. In fact, in addition to the chattr-R + ii/usr/command for the/usr directory, you can also use the ro option in the/etc/fstab file, load the partition of the/usr directory in read-only mode. In addition, setting the system log file to only append-only makes it impossible for intruders to erase their traces. Author wang7dao