From owner-freebsd-arch  Sat Mar 17 16:54:44 2001
Delivered-To: freebsd-arch@freebsd.org
Received: from Awfulhak.org (awfulhak.demon.co.uk [194.222.196.252])
	by hub.freebsd.org (Postfix) with ESMTP id 88AF237B719
	for <freebsd-arch@FreeBSD.ORG>; Sat, 17 Mar 2001 16:54:41 -0800 (PST)
	(envelope-from brian@Awfulhak.org)
Received: from hak.lan.Awfulhak.org (root@hak.lan.Awfulhak.org [172.16.0.12])
	by Awfulhak.org (8.11.2/8.11.2) with ESMTP id f2I0sxm13564;
	Sun, 18 Mar 2001 00:54:59 GMT
	(envelope-from brian@lan.Awfulhak.org)
Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1])
	by hak.lan.Awfulhak.org (8.11.3/8.11.3) with ESMTP id f2I0vqm56252;
	Sun, 18 Mar 2001 00:57:52 GMT
	(envelope-from brian@hak.lan.Awfulhak.org)
Message-Id: <200103180057.f2I0vqm56252@hak.lan.Awfulhak.org>
X-Mailer: exmh version 2.3.1 01/18/2001 with nmh-1.0.4
To: Kris Kennaway <kris@obsecurity.org>
Cc: Brian Somers <brian@Awfulhak.org>,
	Warner Losh <imp@harmony.village.org>,
	Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>,
	freebsd-arch@FreeBSD.ORG, brian@Awfulhak.org
Subject: Re: flags settings for modules 
In-Reply-To: Message from Kris Kennaway <kris@obsecurity.org> 
   of "Sat, 17 Mar 2001 16:35:40 PST." <20010317163540.A5397@mollari.cthul.hu> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Sun, 18 Mar 2001 00:57:52 +0000
From: Brian Somers <brian@Awfulhak.org>
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> I've always seen schg as an anti-foot-shooting device..if you
> accidentally spam that file and don't have any other kernels around,
> you're screwed.  If you spam modules, you're probably less screwed
> (though you still might be).

$ ls -lo /etc/*p*wd*
-rw-------  1 root  wheel  -  2466 Mar  6 17:48 /etc/master.passwd
-rw-r--r--  1 root  wheel  -  2027 Mar  6 17:48 /etc/passwd
-rw-r--r--  1 root  wheel  - 40960 Mar  6 17:48 /etc/pwd.db
-rw-------  1 root  wheel  - 40960 Mar  6 17:48 /etc/spwd.db

There's more than one foot waiting to be shot.  I think this sort of 
half-baked protection should really be turn-on-and-offable somewhere
(maybe /etc/make.conf) and shouldn't be on by default.

I'm not arguing that there are no good usages for file flags.  I'm 
just saying that I think everything we've done with them in the base 
system so far is .... surprising.  I find it a bit embarrassing.

> Kris

-- 
Brian <brian@Awfulhak.org>                        <brian@[uk.]FreeBSD.org>
      <http://www.Awfulhak.org>                   <brian@[uk.]OpenBSD.org>
Don't _EVER_ lose your sense of humour !



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message