Hi, I'd like to password protect my hosts file, so it cannot be edited using terminal or any other means. Does anybody have a solution? Thanks, James
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
How to password protect hosts file
- Thread starter jamesg1985
- Start date
- Sort by reaction score
by default only root can write to hosts file
adams-mbp:etc adam$ ls -l /etc/hosts
-rw-r--r-- 1 root wheel 235 30 Nov 18:07 /etc/hosts
so unless you use sudo you can't update it. If you create a user that is not an administrator then unless you add the user to /etc/sudoers then you will not be able to use sudo and will not be able to update it.
adams-mbp:etc adam$ ls -l /etc/hosts
-rw-r--r-- 1 root wheel 235 30 Nov 18:07 /etc/hosts
so unless you use sudo you can't update it. If you create a user that is not an administrator then unless you add the user to /etc/sudoers then you will not be able to use sudo and will not be able to update it.
You could set the system immutable flag. While the flag is set, not even root can modify the file. That would require someone with using sudo to turn off that flag first before it could be modified. It would at least be an extra step that's not very common.
To set the immutable flag:
To turn off the flag:
To set the immutable flag:
Code:
sudo chflags schg /etc/hostsTo turn off the flag:
Code:
sudo chflags noschg /etc/hosts