This week’s TechMail is Learn to use extended file attributes in Linux to boost security which takes a look at using chattr, getfattr, setfattr, getfacl, and setfacl; tools that can be used to offer more granular security to files and directories. Being able to use SELinux or GrSecurity, AppArmor, and other security enhancements to the kernel are great, but they’re not always available and not always easily configurable. These tools take you back to basics (regarding, of course, filesystem security pertaining to ownership and access — this isn’t to say that SELinux and friends only do that, but sometimes a quick chattr or setfacl may be all that is required).

Share on: TwitterLinkedIn

Related Posts





Stay in touch