Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 25 Jun 1999 00:48:16 -0500 (CDT)
From:      Jason Young <doogie@anet-stl.com>
To:        Frank Tobin <ftobin@bigfoot.com>
Cc:        FreeBSD-security Mailing List <freebsd-security@FreeBSD.ORG>
Subject:   Re: file flags during low securelevels
Message-ID:  <Pine.BSF.3.96.990625004700.25811E-100000@earth.anet-stl.com>
In-Reply-To: <Pine.BSF.4.10.9906250032240.63311-100000@srh0710.urh.uiuc.edu>

next in thread | previous in thread | raw e-mail | index | archive | help

The immutable and other flags protect against accidental as well as
malicious damage. If they don't do their job in low securelevels, then
they don't do their job in out-of-the-box FreeBSD installations and any
other installation where the admin has not or does not know to raise the
securelevel.

Jason Young
ANET/accessUS Chief Network Engineer

On Fri, 25 Jun 1999, Frank Tobin wrote:

> I'm curious as to why file flags are in effect during low kernel
> securelevels ( < 1 ).  Would it be undesirable to have these flags not in
> effect during low securelevels, because they can be turned off at any
> time?  The reason I ask is that situations may arise where the whole
> system is simmutablized, but the administrator wants to do wide-scale
> file-replacement (e.g., make world) while the system is in single-user
> mode.  Currently that would be a big PITA, since you'd have to make sure
> you unflag all files before replacing them.  Also, during system bootup,
> it is not unreasonable to assume that some process would want to edit some
> files at boot time, but these files can be flagged after startup (e.g.,
> /var/log/messages rotated upon startup, but then sappend'd).
> 
> Is there a performance hit I'm not thinking off here?  Or could we make
> this another sysctl knob (kern.fileflagsignored) or such?
> 
> -- 
> Frank Tobin			"To learn what is good and what is to be
> http://www.bigfoot.com/~ftobin	 valued, those truths which cannot be
> 				 shaken or changed." Myst: The Book of Atrus
> FreeBSD: The Power To Serve
> 
> PGPenvelope = GPG and PGP5 + Pine             PGP:  4F86 3BBB A816 6F0A 340F
> http://www.bigfoot.com/~ftobin/resources.html       6003 56FF D10A 260C 4FA3
> 
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990625004700.25811E-100000>