Date: Wed, 17 Sep 1997 15:37:17 -0400 (EDT) From: Brian Mitchell <brian@firehouse.net> To: Frode Nordahl <froden@bigblue.no> Cc: "freebsd-security@freebsd.org" <freebsd-security@FreeBSD.ORG> Subject: Re: schg flag... Message-ID: <Pine.BSI.3.95.970917153627.13001A-100000@shell.firehouse.net> In-Reply-To: <199709171620.SAA25313@login.bigblue.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 17 Sep 1997, Frode Nordahl wrote: > Hello! > > schg is a good flag to have for security on certain files/binaries, but if the flag can be turned of as easilly as running > chflags noschg, the flag is pretty useless. set securelevel above the 'perm insecure' level, and this will not be the case. > > People that want to modify such files most likelly allready have access enough to the system to run chflags. > > I thought that the schg flag was only to be modified if the system was running in some other mode than standard > multiuser...?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSI.3.95.970917153627.13001A-100000>