From owner-freebsd-questions Fri May 26 10:21:43 1995 Return-Path: questions-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id KAA00759 for questions-outgoing; Fri, 26 May 1995 10:21:43 -0700 Received: from halloran-eldar.lcs.mit.edu (halloran-eldar.lcs.mit.edu [18.26.0.159]) by freefall.cdrom.com (8.6.10/8.6.6) with SMTP id KAA00753 for ; Fri, 26 May 1995 10:21:41 -0700 Received: by halloran-eldar.lcs.mit.edu; (5.65/1.1.3.6) id AA02678; Fri, 26 May 1995 13:21:34 -0400 Date: Fri, 26 May 1995 13:21:34 -0400 From: Garrett Wollman Message-Id: <9505261721.AA02678@halloran-eldar.lcs.mit.edu> To: Javier Martin Rueda Cc: questions@FreeBSD.org Subject: Which files should have append-only and immutable flags? In-Reply-To: <706*/S=jmrueda/OU=diatel/O=upm/PRMD=iris/ADMD=mensatex/C=es/@MHS> References: <706*/S=jmrueda/OU=diatel/O=upm/PRMD=iris/ADMD=mensatex/C=es/@MHS> Sender: questions-owner@FreeBSD.org Precedence: bulk < said: > After a quick thinking, it seems that probably the following directories and > all the files inside should be immutable, as they are not supposed to change > in the operating system's lifetime: > /sbin, /usr/sbin, /bin, /usr/bin, /usr/lib, /usr/X11R6/bin, /usr/X11R6/lib The apparent intent, so far as I can determine from what Berkeley shipped, is that the system immutable flag should only be set on those binaries which are necessary to get the system up far enough to restore from a local backup, and those that are security-sensitive. -GAWollman -- Garrett A. Wollman | Shashish is simple, it's discreet, it's brief. ... wollman@lcs.mit.edu | Shashish is the bonding of hearts in spite of distance. Opinions not those of| It is a bond more powerful than absence. We like people MIT, LCS, ANA, or NSA| who like Shashish. - Claude McKenzie + Florent Vollant