[$] Implementing fully immutable files

Like all Unix-like systems, Linux implements the traditional protectionbits controlling who can access files in a filesystem (and what accessthey have). Fewer users, perhaps, are aware of a set of additionalpermission bits hidden away behind the chattrand lsattrcommands. Among other things, these bits can make a file append-only,mark a file to be excluded from backups, cause a file's data to be automaticallyoverwritten on deletion, or make a file immutable. The implementation ofmany of these features is incomplete at best, so perhaps it's notsurprising that immutable files can still be changed in certainlimited circumstances. Darrick Wong has posted apatch set changing this behavior, implementing a user-visiblebehavioral change that he describes as "an extraordinary way todestroy everything".