> Checkout chflags and what these offer.  It is possible to *stop*
> people modifying the kernel, /etc/rc*, in multiuser mode already.

> For proof of this, create a file in /tmp, set the schg flag and try
> remove the file.  Try rebooting, and see what happens when something
> tries to remove it whilst cleaning /tmp on reboot.

    142: touch /tmp/foo
    143: chflags uchg /tmp/foo
    144: rm -f /tmp/foo
    rm: /tmp/foo: Operation not permitted
    145: mv -f /tmp/foo /tmp/bar
    mv: rename /tmp/foo to /tmp/bar: Operation not permitted
    146: touch /tmp/xx
    147: mv -f /tmp/xx /tmp/foo
    mv: rename /tmp/xx to /tmp/foo: Operation not permitted

So far so good.  But....

    148: chflags nouchg /tmp/foo
    149: rm /tmp/foo
    150: ls /tmp/foo
    ls: /tmp/foo: No such file or directory

I didn't try the super-user version so may be this hole is filled.
[Besides, it does say this call is under development:-)]

Any way, I have said what I wanted to on this topic so I
will shut up now.

-- bakul