From owner-freebsd-current  Tue Oct  1 07:39:10 1996
Return-Path: owner-current
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id HAA20628
          for current-outgoing; Tue, 1 Oct 1996 07:39:10 -0700 (PDT)
Received: from godzilla.zeta.org.au (godzilla.zeta.org.au [203.2.228.19])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id HAA20613;
          Tue, 1 Oct 1996 07:39:04 -0700 (PDT)
Received: (from bde@localhost) by godzilla.zeta.org.au (8.7.6/8.6.9) id AAA32208; Wed, 2 Oct 1996 00:35:48 +1000
Date: Wed, 2 Oct 1996 00:35:48 +1000
From: Bruce Evans <bde@zeta.org.au>
Message-Id: <199610011435.AAA32208@godzilla.zeta.org.au>
To: peter@spinner.DIALix.COM, sos@freebsd.org
Subject: Re: WARNING: botched ld.so commit! :-(
Cc: current@freebsd.org
Sender: owner-current@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

>> Damn, where is that pointy hat, damn who had it last ?? :) :)
>
>Yeah, especially considering the only two tools that can easily fix it are 
>dynamically linked :-(  (chflags and install).

Actually, chflags is linked static (except my version of course).

>Oh, another thought.. from a root login:
># /bin/mv /usr/libexec /usr/libexec.fubar
># /bin/mkdir /usr/libexec
># /bin/cp /whereever/ld.so /usr/libexec
># chflags noschg /usr/libexec.fubar/ld.so
># cp /wherever/ld.so /usr/libexec.fubar
># mv /usr/libexec /usr/libexec.fresh
># mv /usr/libexec.fubar /usr/libexec

This shows that the chflags on ld.so is mainly to [prevent] shoot[ing]
yourself in the foot.  It doesn't improve security.

Bruce