From owner-freebsd-questions Wed Feb 6 4:32:59 2002 Delivered-To: freebsd-questions@freebsd.org Received: from post.mail.nl.demon.net (post-11.mail.nl.demon.net [194.159.73.21]) by hub.freebsd.org (Postfix) with ESMTP id AC75137B41C for ; Wed, 6 Feb 2002 04:32:53 -0800 (PST) Received: from [212.238.194.207] (helo=mailhost.raggedclown.net) by post.mail.nl.demon.net with esmtp (Exim 3.33 #1) id 16YRFs-0001BA-00 for questions@freebsd.org; Wed, 06 Feb 2002 12:32:52 +0000 Received: from angel.raggedclown.net (angel.raggedclown.intra [192.168.1.7]) by mailhost.raggedclown.net (Ragged Clown Mail Gateway [buffy]) with ESMTP id CC54213040 for ; Wed, 6 Feb 2002 13:32:50 +0100 (CET) Received: by angel.raggedclown.net (Ragged Clown Host [angel], from userid 1001) id 09ACE22590; Wed, 6 Feb 2002 13:32:51 +0100 (CET) Date: Wed, 6 Feb 2002 13:32:50 +0100 From: Cliff Sarginson To: questions@freebsd.org Subject: Re: The mysterious ls -ol option Message-ID: <20020206123250.GB67552@raggedclown.net> References: <51725360@toto.iv> <15456.57814.24842.401544@guru.mired.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <15456.57814.24842.401544@guru.mired.org> User-Agent: Mutt/1.3.27i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, Feb 06, 2002 at 01:57:10AM -0600, Mike Meyer wrote: > Cliff Sarginson types: > > On Tue, Feb 05, 2002 at 04:44:08PM +0100, Cliff Sarginson wrote: > > > On Tue, Feb 05, 2002 at 04:32:57PM +0100, Stijn Hoop wrote: > > Mmm, not a widely used feature I see. > > > > There are 259,621 files on this particular system I am on at the moment. > > /kernel is the only one of them with any of the flags set :) > > If that's true, your system has probably been broken into, and you > should reinstall it from known safe media. The system normally has > other files that have a flag set. > No, would not have thought so, it is a very new installation, and I check the firewall (which is pretty tight) every day, but I will look into it further...thanks for the warning anyway. > > How comes I don't know about this ? > > Because it's not a standard Unix feature, and you haven't done > anything - like elevated the security level of a machine and tried to > install a kernel - that would cause you to notice them. > Ok, I get that, I was thinking "I ought to know what this is.." > There was a debate - on -hackers, I believe - about whether or not > flags actually enhanced security in any way. I think the "yes" side > won, or at least won enough that various things are flagged as > unchangable. The nodump flag is also useful if you keep things like CD > images around across dumps. > Well, since I only just learnt about it, too early for me to form a view..though doubtless I will eventually :) > If you don't elevate the security level, then the only flag that is > really useful is nodump. If you do, then you can't turn off the schg > and sappnd flags, and your system is slightly more secure. > > Oh yeah - I think the arch flag exists for FAT file systems, but I > never used it on those either. > Ok, thanks for the explanation Mike. Another thing I can note in my little book :) I did look into these security level things a bit, they seem to be advantageous I would guess on a static system where high security is regarded as vital, but a bit of a pain if you are setting systems up and changing things around a lot, which is what I am doing on my network here. This network will eventually be more widely accessible outside, but in a very restricted setup, mostly for mail archiving and some web publication, and possibly for some educational use. But that time is some way off yet, I will have to consider security more closely then I guess. -- Regards Cliff To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message