From owner-freebsd-security Wed Sep 17 09:20:25 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id JAA22045 for security-outgoing; Wed, 17 Sep 1997 09:20:25 -0700 (PDT) Received: from login.bigblue.no (root@login.bigblue.no [194.19.68.12]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id JAA22040 for ; Wed, 17 Sep 1997 09:20:19 -0700 (PDT) Received: from eagle.bigblue.no (eagle.bigblue.no [194.19.68.13]) by login.bigblue.no (8.8.7/8.8.5) with SMTP id SAA25313 for ; Wed, 17 Sep 1997 18:20:15 +0200 (MET DST) Message-Id: <199709171620.SAA25313@login.bigblue.no> From: "Frode Nordahl" To: "freebsd-security@freebsd.org" Date: Wed, 17 Sep 97 18:20:13 +0100 Reply-To: "Frode Nordahl" Priority: Normal X-Mailer: PMMail 1.92 For OS/2 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Subject: schg flag... Sender: owner-freebsd-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Hello! schg is a good flag to have for security on certain files/binaries, but if the flag can be turned of as easilly as running chflags noschg, the flag is pretty useless. People that want to modify such files most likelly allready have access enough to the system to run chflags. I thought that the schg flag was only to be modified if the system was running in some other mode than standard multiuser...? _____________________________________________________________ Frode Nordahl | P.B. 2509 Solli | Tel +47 22 20 47 18 Teknisk ansvarlig | 0202 Oslo | Fax +47 22 20 39 19 Computer Tjenester AS | Norway | froden@bigblue.no