May 14, 2019
11:18 p.m.
On 5/14/19, Steven D'Aprano <steve@pearwood.info> wrote:
> On posix systems, you should be able to use chattr +i to make the file immutable, so that the attacker cannot remove or replace it.
Minor point of clarification. File attributes, and APIs to access them, are not in the POSIX standard. chattr is a Linux command that wraps the filesystem IOCTLs for getting and setting file attributes. There's no chattr system call, so thus far it's not supported in Python's os module. BSD and macOS have chflags, which supports both system- and user-immutable file attributes. Python supports it as os.chflags.
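Added example, not part of the original message: reading and setting the immutable attribute from Python, using os.chflags where it exists (BSD, macOS) and the Linux FS_IOC_GETFLAGS/FS_IOC_SETFLAGS ioctls that chattr wraps otherwise. The function names are illustrative, and the ioctl numbers assume the asm-generic encoding used on x86 and ARM.

```python
import fcntl
import os
import stat
import struct

# Linux ioctl numbers built with the asm-generic _IOR/_IOW encoding
# (assumption: x86/ARM; some architectures encode the direction bits differently).
_LONG = struct.calcsize("l")
FS_IOC_GETFLAGS = (2 << 30) | (_LONG << 16) | (ord("f") << 8) | 1
FS_IOC_SETFLAGS = (1 << 30) | (_LONG << 16) | (ord("f") << 8) | 2
FS_IMMUTABLE_FL = 0x00000010  # the attribute "chattr +i" sets


def _linux_get_flags(fd):
    # The kernel writes a 32-bit int even though the ioctl is declared with long.
    buf = fcntl.ioctl(fd, FS_IOC_GETFLAGS, bytes(_LONG))
    return struct.unpack("i", buf[:4])[0]


def is_immutable(path):
    """Return True/False, or None if the filesystem cannot report attributes."""
    if hasattr(os, "chflags"):  # BSD, macOS: flags are part of the stat result
        flags = os.stat(path).st_flags
        return bool(flags & (stat.UF_IMMUTABLE | stat.SF_IMMUTABLE))
    fd = os.open(path, os.O_RDONLY)
    try:
        return bool(_linux_get_flags(fd) & FS_IMMUTABLE_FL)
    except OSError:  # e.g. ENOTTY: no attribute support on this filesystem
        return None
    finally:
        os.close(fd)


def set_immutable(path, enable=True):
    """Set or clear the immutable flag; raises OSError if not permitted."""
    if hasattr(os, "chflags"):  # user-immutable flag, settable by the owner
        flags = os.stat(path).st_flags
        new = flags | stat.UF_IMMUTABLE if enable else flags & ~stat.UF_IMMUTABLE
        os.chflags(path, new)
        return
    fd = os.open(path, os.O_RDONLY)
    try:
        flags = _linux_get_flags(fd)
        new = flags | FS_IMMUTABLE_FL if enable else flags & ~FS_IMMUTABLE_FL
        fcntl.ioctl(fd, FS_IOC_SETFLAGS, struct.pack("i", new).ljust(_LONG, b"\0"))
    finally:
        os.close(fd)
```

On Linux, setting or clearing the flag requires CAP_LINUX_IMMUTABLE, so set_immutable raises PermissionError for an unprivileged process.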