Date: Tue, 29 May 2001 17:59:56 -0400 From: Vivek Khera <khera@kcilink.com> To: stable@freebsd.org Subject: Re: adding "noschg" to ssh and friends Message-ID: <15124.7132.963202.560009@onceler.kciLink.com> In-Reply-To: <20010529145609.A1209@xor.obsecurity.org> References: <15124.4635.887375.682204@onceler.kciLink.com> <20010529145609.A1209@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> "KK" == Kris Kennaway <kris@obsecurity.org> writes: >> marked, and it just seems to follow to me that ssh related binaries >> should as well. KK> No; schg isn't a security feature, at best it's an anti-foot-shooting KK> feature to prevent accidental trashing of the file. I disagree. If my machine is at securelevel > 0, schg is a damned fine security mesasure to protect sensitive programs from being trojaned. There's just no way around it short of having access to the console. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15124.7132.963202.560009>