FOCUS on Linux: Filesystem Security - ext2 extended attributes

by Michael Shaffer Sept. 1, 2017 via Symantec

If asked to name the top five security features of the Linux kernel, most administrators would probably not mention ext2 filesystem attributes. Although the definitions for most of the useful ext2 filesystem flags appeared in the kernel source at least as early as the 1.1 development series, this humble feature often takes a back seat to more exotic and recently-introduced tools for preserving and assuring system integrity such as LIDS, Tripwire, and others.