Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 28 Jul 1997 16:17:04 -0700 (PDT)
From:      Vincent Poy <vince@mail.MCESTATE.COM>
To:        "Matthew N. Dodd" <winter@jurai.net>
Cc:        security@FreeBSD.ORG, JbHunt <johnnyu@accessus.net>, "[Mario1-]" <mario1@PrimeNet.Com>
Subject:   Re: security hole in FreeBSD
Message-ID:  <Pine.BSF.3.95.970728161605.3844u-100000@mail.MCESTATE.COM>
In-Reply-To: <Pine.BSF.3.95q.970728182943.25254F-100000@sasami.jurai.net>

next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 28 Jul 1997, Matthew N. Dodd wrote:

=)On Mon, 28 Jul 1997, Vincent Poy wrote:
=)> On Mon, 28 Jul 1997, Matthew N. Dodd wrote:
=)> =)As a general rule I set all suid/sgid system executeables schg and run
=)> =)with securelevel set to 1 or 2.
=)         ^^^^^^^^^^^^^^^^^^^^^^^^^
=)> 	That wouldn't do any good if the user can chflags noschg on the
=)> binaries you have schg on.
=)
=)'man init'

	True but if you needed to compile -current, you would need to
remove the schg flags on some binaries before the make world.


Cheers,
Vince - vince@MCESTATE.COM - vince@GAIANET.NET           ________   __ ____ 
Unix Networking Operations - FreeBSD-Real Unix for Free / / / / |  / |[__  ]
GaiaNet Corporation - M & C Estate                     / / / /  | /  | __] ]  
Beverly Hills, California USA 90210                   / / / / / |/ / | __] ]
HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____]





Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95.970728161605.3844u-100000>