From owner-freebsd-security  Wed Aug  1 16:10: 0 2001
Delivered-To: freebsd-security@freebsd.org
Received: from xs4nobody.nl (xs4nobody.nl [62.58.36.22])
	by hub.freebsd.org (Postfix) with SMTP id A231137B403
	for <freebsd-security@freebsd.org>; Wed,  1 Aug 2001 16:09:56 -0700 (PDT)
	(envelope-from bart@xs4nobody.nl)
Received: (qmail 9902 invoked by uid 1000); 1 Aug 2001 23:09:46 -0000
Date: Thu, 2 Aug 2001 01:09:46 +0200
From: Bart Matthaei <bart@xs4nobody.nl>
To: Nuno Teixeira <nuno.mailinglists@pt-quorum.com>
Cc: freebsd-security@freebsd.org
Subject: Re: RELEASE 4.3 -> RELENG_4_3: SUCCESSFULLY but ...
Message-ID: <20010802010946.A9880@heresy.xs4nobody.nl>
References: <20010801220141.C2354@gateway.bogus>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20010801220141.C2354@gateway.bogus>; from nuno.mailinglists@pt-quorum.com on Wed, Aug 01, 2001 at 10:01:41PM +0100
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Wed, Aug 01, 2001 at 10:01:41PM +0100, Nuno Teixeira wrote:
<snip>
> My question is: what is the real danger of doing `installworld` in 
> multiuser mode? I have doing a lot of tests in other machines tracking 
> STABLE and I have no problems so far.

They advice you to run singleuser, because of the securelevel.
If your securlevel is set to 3, for instance, you (no, not even root) wont be
able to overwrite files that have the schg flags set (system immutable
flag).. So things like rcp (which is schg by default) wont be installed
properly.

Also, singleuser makes sure processes like sshd are shut down.

(this is my theory.. correct me if im wrong)

With regards,

Bart Matthaei

-- 
Bart Matthaei           |       bart@xs4nobody.nl
                        |          +31 6 24907042
Cysonet Managed Hosting |        bart@cysonet.com
-------------------------------------------------
/* It's always funny until someone gets hurt..
 * (and then it's just hilarious)              */

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message