kernel-level/system-critical daemon monitoring /etc/hosts
I'm looking for a way to modify something deep in the structure of Linux (so I cannot just circumvent it by killing a process/task), that protects /etc/hosts from any changes, even by root (myself). I'd be willing to modify kernel source and recompile that.
It would be ideal if there was a way to add but not remove hostnames for 127.0.0.1 or 0.0.0.0 by way of a command.
In any case it should be a huge hassle involving something as bothersome as kernel recompilation or similar to remove hostnames from /etc/hosts.
As the root of a system, there are just no ways to disallow oneself to waste time on the internet (youtube, browsergames, ...), that aren't circumvented in a matter of seconds grace to the power of sudo or su (or just plain deactivating the respective FF/Chromium extension).
One idea would be to open and read the file during the boot process and keeping it open so that message that it's still in use and thus cannot be deleted message appears if one tries that and also watch the file and overwrite it when it is written in (though it would be kind of hard to avoid a loop there).
It would be best to patch something that is changed less often than the kernel, so the patching wouldn't need to be as often. I "speak" a few programming languages, but sadly not C/C++, though I understand it.
Anyway, I'd be grateful for any help, be it hints, suggestions, bits of code or even a full-fledged patch.