From owner-freebsd-questions@FreeBSD.ORG Mon Apr 19 08:35:31 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BAD4316A4CE for ; Mon, 19 Apr 2004 08:35:31 -0700 (PDT) Received: from auk1.snu.ac.kr (auk1.snu.ac.kr [147.46.100.31]) by mx1.FreeBSD.org (Postfix) with ESMTP id 50CCB43D49 for ; Mon, 19 Apr 2004 08:35:31 -0700 (PDT) (envelope-from nospam@users.sourceforge.net) Received: from [147.47.254.184] (nospam@users.sourceforge.net) by auk1.snu.ac.kr (Terrace Internet Messaging Server) with ESMTP id 2004042000:27:31:536151.12682.2882538416 for ; Tue, 20 Apr 2004 00:27:31 +0900 (KST) Message-ID: <4083F1C1.90809@users.sourceforge.net> Date: Tue, 20 Apr 2004 00:35:29 +0900 From: Rob User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.6) Gecko/20040316 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-questions@freebsd.org Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-TERRACE-SPAMMARK: YES-__TRSYS_LV__3 (SR:-5.19) (SRN:SPAMROBOT) ----------------- Subject: securelevel=3 and append-only: can I use this for files in /var/log/ ? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Apr 2004 15:35:31 -0000 Hi, To prevent a possible intruder to modify the syslog files (unless rebooting the system), would following cause havoc on my FreeBSD-stable PC, or would it add the expected security: as root: # chflags sappnd /var/log/* rc.conf: kern_securelevel_enable="YES" kern_securelevel="3" And reboot the system. Rob.