From owner-freebsd-current  Tue Apr  4 07:29:27 1995
Return-Path: current-owner
Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id HAA13351 for current-outgoing; Tue, 4 Apr 1995 07:29:27 -0700
Received: from godzilla.zeta.org.au (godzilla.zeta.org.au [203.2.228.34]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id HAA13339 for <current@FreeBSD.org>; Tue, 4 Apr 1995 07:29:22 -0700
Received: (from bde@localhost) by godzilla.zeta.org.au (8.6.9/8.6.9) id AAA23867; Wed, 5 Apr 1995 00:22:40 +1000
Date: Wed, 5 Apr 1995 00:22:40 +1000
From: Bruce Evans <bde@zeta.org.au>
Message-Id: <199504041422.AAA23867@godzilla.zeta.org.au>
To: jkh@freefall.cdrom.com, rgrimes@gndrsh.aac.dev.com
Subject: Re: a few patches...
Cc: current@FreeBSD.org, smace@metal-mail.neosoft.com
Sender: current-owner@FreeBSD.org
Precedence: bulk

>> > I would like to add a config option to enable as disable securelevel.
>> > the securelevel and chflags features are a major security helper IMHO.
>> 
>> Are you saying you also want to come up secure?  No installing over
>> kernels and things except when up single?
>> 
>> Hmmmmm...  Hmmmmmmmmmmmmm!  David?  When did we say we were going to
>> cut over after the "grace period" on this one? :-)
>> 
>> Personally, I think it's not a bad idea for 2.1.  I think it highly

Optionally.

>Did you find an archive format to use for the bindist's that preserve
>this information??  Tar doesn't, I think I remeber seeing Brunce say
>that cpio -H newc did, but I can't verify it right now since my 2.x box
>is down.

None of tar, cpio or pax call chflags(), so they can't restore flags.

Bruce