From owner-freebsd-questions  Tue Feb  5 23:57:15 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from guru.mired.org (dsl-64-192-6-133.telocity.com [64.192.6.133])
	by hub.freebsd.org (Postfix) with SMTP id 6B70137B404
	for <questions@freebsd.org>; Tue,  5 Feb 2002 23:57:11 -0800 (PST)
Received: (qmail 11164 invoked by uid 100); 6 Feb 2002 07:57:10 -0000
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <15456.57814.24842.401544@guru.mired.org>
Date: Wed, 6 Feb 2002 01:57:10 -0600
To: Cliff Sarginson <cliff@raggedclown.net>
Cc: questions@freebsd.org
Subject: Re: The mysterious ls -ol option
In-Reply-To: <51725360@toto.iv>
X-Mailer: VM 6.90 under 21.1 (patch 14) "Cuyahoga Valley" XEmacs Lucid
X-face: "5Mnwy%?j>IIV\)A=):rjWL~NB2aH[}Yq8Z=u~vJ`"(,&SiLvbbz2W`;h9L,Yg`+vb1>RG%
 *h+%X^n0EZd>TM8_IB;a8F?(Fb"lw'IgCoyM.[Lg#r\
From: "Mike Meyer" <mwm-dated-1013414230.6827cf@mired.org>
X-Delivery-Agent: TMDA/0.44 (Python 2.2; freebsd-4.5-STABLE-i386)
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

Cliff Sarginson <cliff@raggedclown.net> types:
> On Tue, Feb 05, 2002 at 04:44:08PM +0100, Cliff Sarginson wrote:
> > On Tue, Feb 05, 2002 at 04:32:57PM +0100, Stijn Hoop wrote:
> Mmm, not a widely used feature I see.
> 
> There are 259,621 files on this particular system I am on at the moment.
> /kernel is the only one of them with any of the flags set :)

If that's true, your system has probably been broken into, and you
should reinstall it from known safe media. The system normally has
other files that have a flag set.

> How comes I don't know about this ?

Because it's not a standard Unix feature, and you haven't done
anything - like elevated the security level of a machine and tried to
install a kernel - that would cause you to notice them.

There was a debate - on -hackers, I believe - about whether or not
flags actually enhanced security in any way. I think the "yes" side
won, or at least won enough that various things are flagged as
unchangable. The nodump flag is also useful if you keep things like CD
images around across dumps.

If you don't elevate the security level, then the only flag that is
really useful is nodump. If you do, then you can't turn off the schg
and sappnd flags, and your system is slightly more secure.

Oh yeah - I think the arch flag exists for FAT file systems, but I
never used it on those either.

	<mike
--
Mike Meyer <mwm@mired.org>			http://www.mired.org/home/mwm/
Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message