Date: Mon, 19 Feb 1996 14:17:58 +0300 (MSK) From: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= (aka Andrey A. Chernov, Black Mage) <ache@astral.msk.su> To: hackers@freebsd.org, Frank Durda IV <uhclem@nemesis.lonestar.org> Subject: Re: Is "immutable" supposed to be a good idea? Message-ID: <JKcn5AnWN1@ache.dialup.ru> In-Reply-To: <m0toMB5-000C7fC@nemesis.lonestar.org>; from Frank Durda IV at Sun, 18 Feb 96 21:22 WET References: <m0toMB5-000C7fC@nemesis.lonestar.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <m0toMB5-000C7fC@nemesis.lonestar.org> Frank Durda IV
writes:
>If seems there is agreement after all:
>o The applications should either list the files that can't be restored
> or extracted, or SHOULD BE ABLE TO extract/restore over
> an immutable file in maintenance mode (Level 0) or some other set
> of criteria WITHOUT having to build a level -1 kernel first,
You don't need to build separate kernel, just issue some sort
of sysctl.
>I'll fix restore to nuke & replace immutable files automatically *if*
>someone would guarantee that some approved version of the changes would
>be allowed into the release tree. (No point if there is some religious
>reason for not doing this.)
You need to fix *all* backup/restore utils too: tar, cpio, pax,
it is false way. Better way is to have one command that change
kernel secure level to *less* secure, i.e. to level which ignores
immutable bits meaning completely.
It maybe some sysctl shortcut or something similar. It can be
automatically turned on for single user mode, so you even didn't
notice it.
--
Andrey A. Chernov : And I rest so composedly, /Now, in my bed,
ache@astral.msk.su : That any beholder /Might fancy me dead -
http://dt.demos.su/~ache : Might start at beholding me, /Thinking me dead.
RELCOM Team,FreeBSD Team : E.A.Poe From "For Annie" 1849
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?JKcn5AnWN1>