Subject: Re: lchflags(2)?
To: None <tech-kern@netbsd.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-kern
Date: 04/20/2000 13:51:34
> I think the idea here is now you can make it so even root can't
> change where a symbolic link points to if the link itself is
> immutable, i.e. a security feature.

Are immutable files non-removable, then?  Because as it stands,
*nobody* can *ever* change where a symlink points - all you can do is
remove it and create a new one.  (I've thought that the write bit on a
symlink should allow atomically replacing it with symlink(2), but as
the vnode interface stands that would have to be done in the individual
filesystems rather than in sys_symlink()....)

If immutable stuff is non-removable and non-renamable, that opens up
whole piles of DoS possibilities.  But if they *are* removable and/or
renamable, then there's a fairly real sense in which they're not
immutable.

Thoughts?

					der Mouse

			       mouse@rodents.montreal.qc.ca
		     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
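Added example, not part of the original message: a C sketch of the replacement semantics discussed above on a POSIX system, going one step beyond the message by also showing rename(2) of a second link over the first. lchflags(2) itself is not exercised; the scratch directory, link names and targets are constructed for illustration.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Returns 0 when every observation holds, otherwise the failing step. */
int symlink_replace_demo(void)
{
    char dir[] = "/tmp/symdemoXXXXXX";      /* constructed scratch dir */
    char name[64], tmp[64], buf[64];
    struct stat st_tmp, st_name;
    ssize_t n;
    int rc = 0;
    if (mkdtemp(dir) == NULL) return -1;
    snprintf(name, sizeof name, "%s/link", dir);
    snprintf(tmp, sizeof tmp, "%s/link.new", dir);

    /* 1. symlink(2) never overwrites an existing name. */
    if (symlink("target-a", name) != 0) rc = 1;
    else if (symlink("target-b", name) == 0 || errno != EEXIST) rc = 2;
    /* 2. Remove and recreate: between the two calls the name is absent. */
    else if (unlink(name) != 0) rc = 3;
    else if (lstat(name, &st_name) == 0 || errno != ENOENT) rc = 4;
    else if (symlink("target-b", name) != 0) rc = 5;
    /* 3. rename(2) a second link over the name: no gap, but the name is
     *    now bound to the new link's inode, not a modified old one. */
    else if (symlink("target-c", tmp) != 0 || lstat(tmp, &st_tmp) != 0) rc = 6;
    else if (rename(tmp, name) != 0 || lstat(name, &st_name) != 0) rc = 7;
    else if (st_name.st_ino != st_tmp.st_ino) rc = 8;
    else if ((n = readlink(name, buf, sizeof buf - 1)) < 0) rc = 9;
    else {
        buf[n] = '\0';
        if (strcmp(buf, "target-c") != 0) rc = 10;
    }
    unlink(tmp);
    unlink(name);
    rmdir(dir);
    return rc;
}

int main(void)
{
    int rc = symlink_replace_demo();
    printf("result: %d (0 = all observations held)\n", rc);
    return rc != 0;
}
```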