| What is dgfs? dgfs is the Dorian Gray File System, for use in secure systems and honeypots.
It is an overlay for an ext* filesystem that creates a read/write mirror and makes the primary
filesystem transparently read-only. Transparent read-only means that it doesn't behave
as read-only: changes to the filesystem go through without warnings or errors, but are
only written to the mirror. The system administrator sets a crontab job to run once a day/week/whatever
that reports back the list of files changed via md5sum records (kept read-only on the
primary filesystem) and optionally reports the actual changes to files (configured in
diffreport.conf). |
| What is dgfs good for? dgfs is for a filesystem that you think will be infrequently
modified, but might be changed for valid reasons. /etc is a common choice. A more familiar
security measure is tripwire, which monitors a list of files for changed signatures. dgfs protects
an entire filesystem, records what changes have been made and submits the changes to the
system administrator or other authority for approval before copying the changes from the mirrored
filesystem to the primary filesystem. |
| What is dgfs bad at? Logging. Don't use dgfs for /var/logs or any filesystem that
undergoes frequent writes. |
| Who is Dorian Gray? Dorian Gray is a fictional character who did not age; rather, his portrait aged for him. The text of the original
book is here:
The Picture of Dorian Gray. And of
course the movie/comic book "The League of Extraordinary Gentlemen" features a slightly
different Dorian Gray. |
| Is this a Joke? Yes. It's another one of my weird dreams. It sounded plausible enough to be a good hoax, but there are some obvious problems that keep it from being a good idea. |
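
The scheduled report described in the first answer (md5sum records taken from the primary tree, compared against the writable mirror) can be sketched with ordinary tools. This is an added example, not dgfs code; the function names `record_manifest` and `report_changes` and the directory arguments are hypothetical.

```shell
#!/bin/sh
# Added sketch of the md5sum-based change report; not part of dgfs.
# Assumes GNU md5sum output: 32 hex digits, two separator characters, then the path.
# File names containing backslashes or newlines are escaped by md5sum and are
# not handled here.

# record_manifest DIR: print md5sum records for every regular file under DIR,
# with paths relative to DIR so primary and mirror records are comparable.
record_manifest() {
    (cd "$1" && find . -type f -exec md5sum {} + | sort -k 2)
}

# report_changes MANIFEST MIRROR: compare stored records with the mirror and
# print one line per difference: "ADDED path", "CHANGED path" or "REMOVED path".
report_changes() {
    manifest=$1
    mirror=$2
    current=$(mktemp) || return 1
    record_manifest "$mirror" > "$current"
    awk '
        { hash = substr($0, 1, 32); path = substr($0, 35) }
        # Test FILENAME instead of NR == FNR so an empty manifest still works.
        FILENAME == ARGV[1] { old[path] = hash; next }
        {
            seen[path] = 1
            if (!(path in old))         print "ADDED " path
            else if (old[path] != hash) print "CHANGED " path
        }
        END { for (p in old) if (!(p in seen)) print "REMOVED " p }
    ' "$manifest" "$current" | sort
    rm -f "$current"
}

# Cron-style use: script.sh /path/to/md5.records /path/to/mirror
if [ "$#" -eq 2 ]; then
    report_changes "$1" "$2"
fi
```

The manifest must be stored where writes to the mirror cannot reach it, otherwise whoever changed the files can regenerate the records as well.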