This content originally appeared on DEV Community and was authored by Faruk
Member-only story
Why I Always Use chattr to Protect Critical Linux Files
chattr
3
Share
Permissions in Linux are powerful, but sometimes they’re not enough. If an attacker gets root, they can still modify or delete sensitive files. That’s why I use the chattr (change attribute) command as an extra layer of defense.
chattr
It’s a small step that can block both mistakes and attacks.
🚨 Why Permissions Alone Aren’t Enough
- Root override → Even if files are chmod 600 , root can still edit them.
chmod 600- Accidental edits → Admins (myself included) can mistype commands and break critical configs. - Malware persistence → Many backdoors work by silently modifying files like /etc/passwd or /etc/ssh/sshd_config .
/etc/passwd/etc/ssh/sshd_config## 🔐 How chattr HelpschattrThe chattr command lets you add special attributes to files on ext filesystems. Most useful:chattr- +i → Immutable : file cannot be modified, renamed, or deleted (even by root).+i- +a → Append-only : file can only be written to (not erased).+a## 🛠️ Step 1: Protect Sensitive Configs
Example: Protect SSH config.
chattr +i /etc/ssh/sshd_config
👉 Read Full Blog on Medium Here
This content originally appeared on DEV Community and was authored by Faruk
Faruk | Sciencx (2025-09-24T18:32:31+00:00) Why I Always Use chattr to Protect Critical Linux Files | by Faruk Ahmed | Sep, 2025. Retrieved from https://www.scien.cx/2025/09/24/why-i-always-use-chattr-to-protect-critical-linux-files-by-faruk-ahmed-sep-2025/
Please log in to upload a file.
There are no updates yet.
Click the Upload button above to add an update.