Re: OpenBSD and Solaris (was: Tough question for oracle DBAs/Solaris Admins. Log shipping.)

jKILLSPAM.schipper_at_math.uu.nl writes:

>OpenBSD's rm(1) does warn you when trying to delete a file that is
>either not owned by you, not writable by you, or probably meets a list
>of other criteria I can't think of offhand.

That is common rm(1) behaviour.

With immutable files such an attempt at removing a file will fail. So "rm -fr /" will keep the immutable files which is a worthwhile protection.

>> In order to support hard immutability you can think of mechanisms like
>> file signatures; as long as you load only pre-configured trusted modules,
>> that is fine.

>Well, as long as the kernel can be trusted to verify these signatures
>correctly, if I understand you correctly. This is not a given.

When the kernel can no longer be trusted to perform such tasks it is already compromised beyond repair.

>Really? While I think the ability to *do* this hotplugging is really
>neat, I would imagine that - outside of hotswapping disks - this would
>be quite rare.

>Just curious - do you need this feature often?

The way the system works, driver modules are genereally not loaded until a device is first used. The audio device driver, e.g., is not loaded until it is used. So it occurs even when you try using devices which have not been used or which haven't been used in a while (under memory pressure the default behaviour is to attempt to unload unused devices)

Casper

-- 
Expressed in this posting are my opinions.  They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.