OT: setrlimit equivalent to prevent unlink or truncate
hofmann at blob.baaderstrasse.com
Fri May 30 12:25:18 PDT 2008
Chris Turner <c.turner at 199technologies.org> wrote:
> Johannes Hofmann wrote:
>> I'm wondering whether there is a way to prevent a process to modify
>> the file system. setrlimit(RLIMIT_FSIZE) to 0 almost does the trick,
>> but unfortunately it does not prevent unlink() or truncate().
>> Is there any reason why there is no limit to prevent unlink or
> if it works, mounting the FS readonly should work..
> also, chflags might be helpful..
> or is this a coding question about coding the program that calls
> setrlimit() ?
Yes, the latter. In a program I want to exec another binary with
More information about the Users