I mailed Remy Card about this already, but haven't heard back from him, so
I thought I'd post this to the list to make sure it got out there. A couple
of weeks ago I was playing with the ext2 immutable and append flags and
noticed that it is possible to overwrite an immutable or append-only file
simply by renaming a non-immutable file over the old immutable file!
Definitely defeats the purpose of immutable files.
The problem is that the new_inode isn't checked to make sure it's not
immutable before the rename is done. The following patch corrects the
problem (patched against 2.0.30):