From owner-freebsd-questions Tue Jul 16 12:43:02 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id MAA02595 for questions-outgoing; Tue, 16 Jul 1996 12:43:02 -0700 (PDT) Received: from gatekeeper.fsl.noaa.gov (gatekeeper.fsl.noaa.gov [137.75.131.181]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id MAA02587 for ; Tue, 16 Jul 1996 12:43:00 -0700 (PDT) Received: from emu.fsl.noaa.gov (kelly@emu.fsl.noaa.gov [137.75.60.32]) by gatekeeper.fsl.noaa.gov (8.7.5/8.7.3) with ESMTP id TAA28545; Tue, 16 Jul 1996 19:42:57 GMT Message-Id: <199607161942.TAA28545@gatekeeper.fsl.noaa.gov> Received: by emu.fsl.noaa.gov (1.40.112.4/16.2) id AA117516208; Tue, 16 Jul 1996 13:43:28 -0600 Date: Tue, 16 Jul 1996 13:43:28 -0600 From: Sean Kelly To: mcnab@bayarea.net Cc: black@MR.Net, questions@FreeBSD.ORG In-Reply-To: <199607161817.LAA03277@baygate.bayarea.net> (message from David McNab on Tue, 16 Jul 1996 11:17:37 -0700) Subject: Re: can't delete rcp Sender: owner-questions@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk >>>>> "David" == David McNab writes: David> What is the rationale behind it, and where did it come David> from? Oh, and there's a good discussion on security levels and what they do in init(1). For example: 1 Secure mode - immutable and append-only flags may not be changed; disks for mounted filesystems, /dev/mem, and /dev/kmem are read- only. so that's another reason to use chflags on sensitive files. You might even want to go as far as setting immutable on all distribution media files, like /usr/bin/*. Be careful out there! -- Sean Kelly NOAA Forecast Systems Laboratory kelly@fsl.noaa.gov Boulder Colorado USA http://www-sdd.fsl.noaa.gov/~kelly/