Using extended file attributes to protect sensitive files

Extended file attributes are another tool that helps you protect sensitive files. They won't keep intruders from reading your files, but they can help you prevent sensitive files from being altered or deleted. There are quite a few extended attributes, but we only need to look at the ones that deal with file security.

First, let's run the lsattr command to see which extended attributes you already have set. On the CentOS machine, your output would look something like this:

[donnie@localhost ~]$ lsattr
---------------- ./yum_list.txt
---------------- ./perm_demo.txt
---------------- ./perm_demo_dir
---------------- ./donnie_script.sh
---------------- ./suid_sgid_files.txt
---------------- ./suid_sgid_files2.txt
[donnie@localhost ~]$

So, as yet, I don't have any extended attributes set on any of my files.

On the Ubuntu machine, the output would look more like this:

donnie@ubuntu:~$ lsattr
-------------e-- ./file2.txt
-------------e-- ./secret_stuff_dir
-------------e-- ./secret_stuff_for_frank.txt.gpg
-------------e-- ./good_stuff
-------------e-- ./secret_stuff
-------------e-- ./not_secret_for_frank.txt.gpg
-------------e-- ./file4.txt
-------------e-- ./good_stuff_dir
donnie@ubuntu:~$

We won't worry about that e attribute, because it only means that the partition is formatted with the ext4 filesystem. CentOS doesn't have that attribute set, because its partition is formatted with the XFS filesystem.

The two attributes that we'll look at are:

  • a: You can append text to the end of a file that has this attribute, but you can't overwrite it. Only someone with proper sudo privileges can set or delete this attribute.
  • i: This makes a file immutable, and only someone with proper sudo privileges can set or delete it. Files with this attribute can't be deleted or changed in any way. It's also not possible to create hard links to files that have this attribute.

To set or delete attributes, you'll use the chattr command. You can set more than one attribute on a file, but only when it makes sense. For example, you wouldn't set both the a and the i attributes on the same file, because the i will override the a.
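Once you have decided which files should carry the i attribute, you want a quick way to confirm that they still do. The following audit function is an added example, not from the book: it reads lsattr-style output on stdin, reports files that lack a required flag, and flags the a+i combination the text warns against. The sample listing is constructed to mirror the Ubuntu output above.

```shell
#!/bin/sh
# Added example (not the book's code): audit lsattr output for the security
# attributes discussed above. lsattr prints one line per file: a field of flag
# letters ('-' where a flag is unset) followed by the path, for example
# "----i--------e-- ./secret_stuff".

# audit_attrs FLAG: read lsattr lines on stdin; report files lacking FLAG and
# files that carry both 'a' and 'i' (the i attribute overrides a, so setting
# both is pointless). Returns 0 when every file has FLAG and no file has a+i.
audit_attrs() {
    want="$1"
    rc=0
    while read -r attrs path; do
        [ -n "$path" ] || continue            # skip blank lines
        case "$attrs" in
            *"$want"*) ;;                     # required flag is present
            *) printf 'MISSING: %s lacks +%s\n' "$path" "$want"; rc=1 ;;
        esac
        case "$attrs" in
            *a*i*|*i*a*) printf 'REDUNDANT: %s has both +a and +i\n' "$path"; rc=1 ;;
        esac
    done
    return "$rc"
}

# Constructed sample standing in for real lsattr output (the file names are
# assumptions; in practice pipe in: lsattr ./secret_stuff ./file2.txt).
SAMPLE='----i--------e-- ./secret_stuff
-------------e-- ./file2.txt
----ia-------e-- ./both.txt'

printf '%s\n' "$SAMPLE" | audit_attrs i || echo "audit found problems (exit $?)"
```

Run it against real output with `lsattr /path/to/files | audit_attrs i`; a non-zero exit means something you meant to lock down is no longer immutable or has a conflicting attribute.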

Let's start by creating the perm_demo.txt file with this text:

This is Donnie's sensitive file that he doesn't want to have overwritten.