Native linux partition format (like ext2/3/4) have a pretty cool functionality: file attribute. Theses attributes give you some control on how the kernel treat a particular file. The command chattr and lsattr allow you to change and check theses attributes.
One attribute that can be a life saver for system administrator is the ‘immutable’ one. When flagged ‘immutable’ no one, not even root, can change a file. This allow you to prevent any accidental modification. For example let say we want to prevent any change on the /etc/shadow file:
# chattr +i /etc/shadowWhen modification are required, we simply remove the flag:
# chattr -i /etc/shadowThere is a lot of other attributes to play with. Check chattr man page for more detail on them.