From owner-freebsd-security Fri Apr 17 13:42:36 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA22570 for freebsd-security-outgoing; Fri, 17 Apr 1998 13:42:36 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from fledge.watson.org (root@FLEDGE.RES.CMU.EDU [128.2.91.116]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA22487 for ; Fri, 17 Apr 1998 20:41:58 GMT (envelope-from robert@cyrus.watson.org) Received: from trojanhorse.pr.watson.org (trojanhorse.pr.watson.org [192.0.2.10]) by fledge.watson.org (8.8.8/8.8.8) with SMTP id QAA03110 for ; Fri, 17 Apr 1998 16:41:51 -0400 (EDT) Date: Fri, 17 Apr 1998 16:44:29 -0400 (EDT) From: Robert Watson X-Sender: robert@trojanhorse.pr.watson.org Reply-To: Robert Watson To: freebsd-security@FreeBSD.ORG Subject: Proposal: remove existing schg flags from make buildworld Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk Currently, the use of schg flags can be a major hassle for those trying to build secure systems. Performing a build world generates a set of schg files that are hard to deal with in a secure environment (after all, they are schg :). Rather than imposing the schg flags during the build, it might be more appropriate to apply them only during the install. Even blowing away my object tree is made difficult: fledge:/home/fbsd-stable/src# rm -Rf ../obj/* rm: ../obj/home/fbsd-stable/src/tmp/usr/lib/libcipher.so.2.0: Operation not permitted rm: ../obj/home/fbsd-stable/src/tmp/usr/lib/libc.so.3.1: Operation not permitted rm: ../obj/home/fbsd-stable/src/tmp/usr/lib/libdescrypt.so.2.0: Operation not permitted rm: ../obj/home/fbsd-stable/src/tmp/usr/lib: Directory not empty rm: ../obj/home/fbsd-stable/src/tmp/usr/libexec/ld.so: Operation not permitted rm: ../obj/home/fbsd-stable/src/tmp/usr/libexec: Directory not empty rm: ../obj/home/fbsd-stable/src/tmp/usr: Directory not empty rm: ../obj/home/fbsd-stable/src/tmp: Directory not empty (up-to-date version of -stable -- I assume this also happens in -current?) There is nothing gained by doing this -- the source is not protected, and neither is the compiler :). Clearly on an install, it is useful to apply schg (although previous discussion suggests that this is not the case with the current arrangement :), but not during the build process. Robert N Watson ---- Carnegie Mellon University http://www.cmu.edu/ Trusted Information Systems http://www.tis.com/ SafePort Network Services http://www.safeport.com/ robert@fledge.watson.org http://www.watson.org/~robert/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message