From owner-freebsd-security Wed Feb 5 08:26:32 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id IAA05310 for security-outgoing; Wed, 5 Feb 1997 08:26:32 -0800 (PST) Received: from time.cdrom.com (time.cdrom.com [204.216.27.226]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id IAA03869; Wed, 5 Feb 1997 08:24:43 -0800 (PST) Received: from time.cdrom.com (localhost [127.0.0.1]) by time.cdrom.com (8.8.5/8.6.9) with ESMTP id IAA19376; Wed, 5 Feb 1997 08:23:07 -0800 (PST) To: Guido.vanRooij@nl.cis.philips.com (Guido van Rooij) cc: jgreco@solaria.sol.net, joerg_wunsch@uriah.heep.sax.de, core@freebsd.org, security@freebsd.org, jkh@freebsd.org Subject: Re: 2.1.6+++: crt0.c CRITICAL CHANGE In-reply-to: Your message of "Wed, 05 Feb 1997 17:15:00 +0100." <199702051615.RAA05095@bsd.lss.cp.philips.com> Date: Wed, 05 Feb 1997 08:23:06 -0800 Message-ID: <19372.855159786@time.cdrom.com> From: "Jordan K. Hubbard" Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > It does work. I tested it on a life system. However, as stated earlier, > it should check for immutable and append only flags and react accordingly. OK. Is anyone making those changes? :-) I should note that this kind of solution is kinda scarey in that we'll have to document the heck out of it before we can ever unleash it on the general public without getting back a flood of "Augh! I nuked my system! Nothing runs now!!" reports. Is there enough committment here for making it into that kind of solution? ;) Jordan