From owner-freebsd-stable  Mon Oct  9 10:58:57 2000
Delivered-To: freebsd-stable@freebsd.org
Received: from peitho.fxp.org (peitho.fxp.org [209.26.95.40])
	by hub.freebsd.org (Postfix) with ESMTP
	id 9624537B66C; Mon,  9 Oct 2000 10:58:53 -0700 (PDT)
Received: by peitho.fxp.org (Postfix, from userid 1000)
	id 2CCC81360D; Mon,  9 Oct 2000 13:58:48 -0400 (EDT)
Date: Mon, 9 Oct 2000 13:58:48 -0400
From: Chris Faulhaber <jedgar@fxp.org>
To: Mark Ovens <marko@freebsd.org>
Cc: Vivek Khera <khera@kciLink.com>, freebsd-stable@freebsd.org
Subject: Re: make buildworld failing
Message-ID: <20001009135848.A558@peitho.fxp.org>
Mail-Followup-To: Chris Faulhaber <jedgar@fxp.org>,
	Mark Ovens <marko@freebsd.org>, Vivek Khera <khera@kciLink.com>,
	freebsd-stable@freebsd.org
References: <20001008154111.D96958@freebie.demon.nl> <Pine.BSF.4.21.0010090022420.95800-100000@starbug.ugh.net.au> <14817.54397.228468.872440@onceler.kciLink.com> <20001009103539.B28702@peitho.fxp.org> <20001009185431.C252@parish>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20001009185431.C252@parish>; from marko@freebsd.org on Mon, Oct 09, 2000 at 06:54:31PM +0100
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Mon, Oct 09, 2000 at 06:54:31PM +0100, Mark Ovens wrote:
> On Mon, Oct 09, 2000 at 10:35:39AM -0400, Chris Faulhaber wrote:
> > On Mon, Oct 09, 2000 at 10:21:49AM -0400, Vivek Khera wrote:
> > > >>>>> "a" == andrew  <andrew@ugh.net.au> writes:
> > > 
> > > a> On Sun, 8 Oct 2000, Wilko Bulte wrote:
> > > 
> > > >> People already having root privs are not stopped by it. Or is it only aimed
> > > >> at the higher securelevels?
> > > 
> > > a> I assume its for secure levels 1 and above and if you were a security
> > > a> conscious site I imagine it would be a very useful feature.
> > > 
> > > My question is why does /usr/obj need the schg flag set on anything in
> > > the first place?  It basically means that on a secure system you have
> > > to reboot to single user just to delete the build tree.
> > > 
> > 
> > It doesn't (as of 4.x).  Previous branches did set the schg flag, however
> > 4.x and 5.x no longer do this.
> 
> Thank you for the explanation. Can you just confirm that this has *always*
> been the case for 4.x? (so that I can update the handbook).
> 

IIRC, it has been that way since sometime during the development of
4.0-CURRENT.

-- 
Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org
--------------------------------------------------------
FreeBSD: The Power To Serve   -   http://www.FreeBSD.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message