Date: Fri, 17 Sep 1999 16:08:18 -0600 From: Warner Losh <imp@village.org> To: Brett Glass <brett@lariat.org> Cc: Liam Slusser <liam@tiora.net>, Kenny Drobnack <kdrobnac@mission.mvnc.edu>, "Harry M. Leitzell" <Harry_M_Leitzell@cmu.edu>, security@FreeBSD.ORG Subject: Re: BPF on in 3.3-RC GENERIC kernel Message-ID: <199909172208.QAA05554@harmony.village.org> In-Reply-To: Your message of "Fri, 17 Sep 1999 16:05:57 MDT." <4.2.0.58.19990917160519.047cc890@localhost> References: <4.2.0.58.19990917160519.047cc890@localhost> <Your message of "Thu, 16 Sep 1999 18:54:24 MDT." <4.2.0.58.19990916185341.00aaf100@localhost> <4.2.0.58.19990916185341.00aaf100@localhost> <Pine.GSO.3.96.990916150427.5757E-100000@mission.mvnc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <4.2.0.58.19990917160519.047cc890@localhost> Brett Glass writes:
: At 02:04 PM 9/17/99 -0600, Warner Losh wrote:
:
: > As it is, it takes a hell of a lot of work to keep root
: >from running completely arbitrary commands on boot.
:
: Sounds like a job for an automatic utility!
Yes. Automation would help. Today you almost have to do
chflags schg /usr/{s,}bin/* /{s,}bin/* /usr/libexec/* /etc/* /usr/lib/*
to get started, but even that leaves a few holes...
I'd love to see an intellegent automation tool and would happily
review it. Sadly, I don't have the time to write and maintain said
tool.
Warner
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199909172208.QAA05554>