Date: Thu, 12 Apr 2007 13:28:11 -0400 From: Kris Kennaway <kris@obsecurity.org> To: Robert Watson <rwatson@FreeBSD.org> Cc: John Nielsen <lists@jnielsen.net>, ticso@cicely.de, current@freebsd.org Subject: Re: ZFS to support chflags? Message-ID: <20070412172811.GA48309@xor.obsecurity.org> In-Reply-To: <20070412114135.C64803@fledge.watson.org> References: <200704112004.03903.lists@jnielsen.net> <20070412021645.GQ30772@cicely12.cicely.de> <20070412114135.C64803@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--dDRMvlgZJXvWKvBx Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Apr 12, 2007 at 11:42:37AM +0100, Robert Watson wrote: >=20 > On Thu, 12 Apr 2007, Bernd Walter wrote: >=20 > >On Wed, Apr 11, 2007 at 08:04:03PM -0400, John Nielsen wrote: > > > >>I just moved /usr over to a zpool on my -CURRENT system. Performance an= d=20 > >>stability are both excellent so far. (Thanks Pawel!) However I noticed= =20 > >>that setting FS flags on files with chflags is not supported. Would it = be=20 > >>feasible to add support for flags on ZFS, and if so are there plans to = do=20 > >>so? > >> > >>If not (and/or in the meantime), are there any places in the base syste= m=20 > >>where flags are required for normal operation? (/var maybe?) > > > >Some binaries have such flags set, but it is not required, otherwise=20 > >diskless NFS wouldn't work. I often see installworld warnings about beei= ng=20 > >unable to set extended flags on ld.so and others on my diskless boxes. >=20 > I'm not a big fan of setting these flags -- I fairly frequently run into= =20 > problems when I installworld an NFS root on the NFS host, then try to wor= k=20 > with it over NFS from the NFS-booted system, as the flags can't be remove= d=20 > via NFS. They don't offer a security benefit as-installed, and perhaps= =20 > offer a benefit with respect to preventing people from shooting themselve= s=20 > in the foot (or perhaps not). Yeah, historical intentions notwithstanding, the real benefit of schg flags on critical pieces is anti foot-shooting. e.g. you really don't want to accidentally delete ld-elf.so.1 or libc.so.7 or init. You can usually recover from this, but it can mess up your whole day :) Kris --dDRMvlgZJXvWKvBx Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) iD8DBQFGHmwrWry0BWjoQKURAuy6AJ95vfke+IXYJtRxN5tAI3x5W8k3igCfX401 bGaT9rRIoMz+8xGkR+9Z9lk= =M29L -----END PGP SIGNATURE----- --dDRMvlgZJXvWKvBx--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070412172811.GA48309>