From owner-freebsd-current Tue Apr 4 07:29:27 1995 Return-Path: current-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id HAA13351 for current-outgoing; Tue, 4 Apr 1995 07:29:27 -0700 Received: from godzilla.zeta.org.au (godzilla.zeta.org.au [203.2.228.34]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id HAA13339 for ; Tue, 4 Apr 1995 07:29:22 -0700 Received: (from bde@localhost) by godzilla.zeta.org.au (8.6.9/8.6.9) id AAA23867; Wed, 5 Apr 1995 00:22:40 +1000 Date: Wed, 5 Apr 1995 00:22:40 +1000 From: Bruce Evans Message-Id: <199504041422.AAA23867@godzilla.zeta.org.au> To: jkh@freefall.cdrom.com, rgrimes@gndrsh.aac.dev.com Subject: Re: a few patches... Cc: current@FreeBSD.org, smace@metal-mail.neosoft.com Sender: current-owner@FreeBSD.org Precedence: bulk >> > I would like to add a config option to enable as disable securelevel. >> > the securelevel and chflags features are a major security helper IMHO. >> >> Are you saying you also want to come up secure? No installing over >> kernels and things except when up single? >> >> Hmmmmm... Hmmmmmmmmmmmmm! David? When did we say we were going to >> cut over after the "grace period" on this one? :-) >> >> Personally, I think it's not a bad idea for 2.1. I think it highly Optionally. >Did you find an archive format to use for the bindist's that preserve >this information?? Tar doesn't, I think I remeber seeing Brunce say >that cpio -H newc did, but I can't verify it right now since my 2.x box >is down. None of tar, cpio or pax call chflags(), so they can't restore flags. Bruce