On Wed, 20 Apr 2005, Anders Peter Fugmann wrote: > Well written, and your arguments are truly valid. I still see a > practical usage though, as it will hold back the big mass of novice > script kiddies. The lock bit would harden the system, but not make it > unbreakable (there is no such thing as an unbreakable system, that is > connected on the net.) You can use any of the MAC systems of Linux and (when properly configured) then even root won't be able to change the firewall/network settings of your machine. Some of such systems in no particular order: SELinux, LIDS, grsecurity, RSBAC. Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlec@xxxxxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : KFKI Research Institute for Particle and Nuclear Physics H-1525 Budapest 114, POB. 49, Hungary
