Date: Thu, 2 Aug 2001 01:09:46 +0200 From: Bart Matthaei <bart@xs4nobody.nl> To: Nuno Teixeira <nuno.mailinglists@pt-quorum.com> Cc: freebsd-security@freebsd.org Subject: Re: RELEASE 4.3 -> RELENG_4_3: SUCCESSFULLY but ... Message-ID: <20010802010946.A9880@heresy.xs4nobody.nl> In-Reply-To: <20010801220141.C2354@gateway.bogus>; from nuno.mailinglists@pt-quorum.com on Wed, Aug 01, 2001 at 10:01:41PM %2B0100 References: <20010801220141.C2354@gateway.bogus>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Aug 01, 2001 at 10:01:41PM +0100, Nuno Teixeira wrote:
<snip>
> My question is: what is the real danger of doing `installworld` in
> multiuser mode? I have doing a lot of tests in other machines tracking
> STABLE and I have no problems so far.
They advice you to run singleuser, because of the securelevel.
If your securlevel is set to 3, for instance, you (no, not even root) wont be
able to overwrite files that have the schg flags set (system immutable
flag).. So things like rcp (which is schg by default) wont be installed
properly.
Also, singleuser makes sure processes like sshd are shut down.
(this is my theory.. correct me if im wrong)
With regards,
Bart Matthaei
--
Bart Matthaei | bart@xs4nobody.nl
| +31 6 24907042
Cysonet Managed Hosting | bart@cysonet.com
-------------------------------------------------
/* It's always funny until someone gets hurt..
* (and then it's just hilarious) */
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010802010946.A9880>