From owner-freebsd-questions  Tue Apr 27 12:53:24 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from resnet.uoregon.edu (resnet.uoregon.edu [128.223.144.32])
	by hub.freebsd.org (Postfix) with ESMTP id 0F1B415220
	for <freebsd-questions@FreeBSD.ORG>; Tue, 27 Apr 1999 12:53:17 -0700 (PDT)
	(envelope-from dwhite@resnet.uoregon.edu)
Received: from localhost (dwhite@localhost)
          by resnet.uoregon.edu (8.8.8/8.8.8) with ESMTP id MAA29624;
          Tue, 27 Apr 1999 12:52:47 -0700 (PDT)
          (envelope-from dwhite@resnet.uoregon.edu)
Date: Tue, 27 Apr 1999 12:52:46 -0700 (PDT)
From: Doug White <dwhite@resnet.uoregon.edu>
To: Eugene Sevinian <sevinian@aya.yerphi.am>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: kernel security level; Books
In-Reply-To: <Pine.LNX.3.96.990427124927.19755B-100000@aya.yerphi.am>
Message-ID: <Pine.BSF.4.03.9904271249010.2463-100000@resnet.uoregon.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Tue, 27 Apr 1999, Eugene Sevinian wrote:

> Recently I started to use freebsd (3.01) at work , and the first
> thing which I should learn is how to edit some config files in
> /usr/local/etc directory. It was explained in init's man that there are 4
> levels of security and if it is set to -1 than root can do everything
> according to given file permissions. sysctl tells that this value set to
> -1, so what the matter?  At the same time I was able to create new file in
> /usr/local.  What I am doing wrong?

Secure levels are tricky.  You should *completely* understand what they do
before setting them, since it can cause unusual system problems.

I don't know where you read that root has to follow permissions; it's not
on the init(8) manpage.  Root can _always_ override permissions (just not
flags; see chflags(8)).  

> Q2. Can you recommend some "must have" books about FreeBSD? Are there
> available in russian as well? 

For newbies, ``The Complete FreeBSD'' from Walnut Creek is useful.  The
O'Reilly books on individual daemons (ie, DNS, sendmail) are helpful as
well.

Doug White                               
Internet:  dwhite@resnet.uoregon.edu    | FreeBSD: The Power to Serve
http://gladstone.uoregon.edu/~dwhite    | www.freebsd.org



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message