Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 17 Sep 1997 15:37:17 -0400 (EDT)
From:      Brian Mitchell <brian@firehouse.net>
To:        Frode Nordahl <froden@bigblue.no>
Cc:        "freebsd-security@freebsd.org" <freebsd-security@FreeBSD.ORG>
Subject:   Re: schg flag...
Message-ID:  <Pine.BSI.3.95.970917153627.13001A-100000@shell.firehouse.net>
In-Reply-To: <199709171620.SAA25313@login.bigblue.no>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 17 Sep 1997, Frode Nordahl wrote:

> Hello!
> 
> schg is a good flag to have for security on certain files/binaries, but if the flag can be turned of as easilly as running 
> chflags noschg, the flag is pretty useless.

set securelevel above the 'perm insecure' level, and this will not be the
case.

> 
> People that want to modify such files most likelly allready have access enough to the system to run chflags.
> 
> I thought that the schg flag was only to be modified if the system was running in some other mode than standard 
> multiuser...?







Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSI.3.95.970917153627.13001A-100000>