How to stop the infection ... or how to limit the number of files that can be changed in a given interval?

S

Sergey2017-05-13 06:07:31

linux

Sergey, 2017-05-13 06:07:31

Of course, I understand .. backup ... mirrors ... but all this is sadly long in time in case of restoration! Is it possible to set readonly mode for all documents ... if the number of changes exceeded ... well, suppose 20 documents in a folder? Interested in both Windows and Nix. Plus, you need to implement an incomplete deletion ... when the file, after deletion, goes into an invisible space for the user. And don't go nowhere. Interested in feedback on third-party solutions and built-in mechanisms that I missed for some reason.

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

A

Artem @Jump, 2017-05-13
curated by the

Well, theoretically it is possible, but it is difficult and resource-intensive.
This will create more problems.
And so everything is simple -
1) Setting rights.
2) Competent backup.
In most cases, you don’t even have to go to the backup, it is restored from a shadow copy.
It's pretty fast.
A maximum of half an hour, more often five minutes is enough.

Plus, you need to implement an incomplete deletion ... when the file, after deletion, goes into an invisible space for the user.

What is it like?
In general, the file is not sent anywhere after deletion, but remains where it was.

V

Valentine, 2017-05-13
@vvpoloskin

Under linux in selinux, a new policy can be created for users.

D

Dmitry Shitskov, 2017-05-13
@Zarom

Variations on the theme:
SAMBA and vfs_recycle - "bin" for
ZFS shares or Windows Server - regular snapshots