From owner-freebsd-questions@FreeBSD.ORG Thu Apr 22 22:04:51 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 42BED16A4CE for ; Thu, 22 Apr 2004 22:04:51 -0700 (PDT) Received: from out005.verizon.net (out005pub.verizon.net [206.46.170.143]) by mx1.FreeBSD.org (Postfix) with ESMTP id B3F3D43D31 for ; Thu, 22 Apr 2004 22:04:50 -0700 (PDT) (envelope-from alden.pierre@verizon.net) Received: from verizon.net ([138.89.105.212]) by out005.verizon.net (InterMail vM.5.01.06.06 201-253-122-130-106-20030910) with ESMTP id <20040423050450.WEBE2677.out005.verizon.net@verizon.net>; Fri, 23 Apr 2004 00:04:50 -0500 Message-ID: <4088A437.6030801@verizon.net> Date: Fri, 23 Apr 2004 01:05:59 -0400 From: Alden Louis-Pierre User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.6) Gecko/20040422 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Malcolm Kay References: <40888E41.1040700@verizon.net> <200404231418.04696.malcolm.kay@internode.on.net> In-Reply-To: <200404231418.04696.malcolm.kay@internode.on.net> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Authentication-Info: Submitted using SMTP AUTH at out005.verizon.net from [138.89.105.212] at Fri, 23 Apr 2004 00:04:49 -0500 cc: freebsd-questions@freebsd.org Subject: Re: chflags understanding X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Apr 2004 05:04:51 -0000 Malcolm Kay wrote: >On Friday 23 April 2004 13:02, Alden Louis-Pierre wrote: > > >> I'm looking through the Handbook to learn how to secure my FreeBSD >>4.9 system. While reading 10.2( >>http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/security-intro.ht >>ml ) it makes reference to the chflags command. >>Is there a difference between "chflags -R schg /sbin *" and "chflags >>schg /sbin *"? >> >> >> > >The asterisk '*' in these commands looks rather unlikely. >As it stands the first on these: > chflags -R schg /sbin * >will set schg flags for the directory /sbin and for the whole tree down from >there, AND, with the asterisk, all files in your current directory and the >whole tree down from there. > >The second version > chflags schg /sbin * >will set schg on the directory /sbin, AND on all files in your current >directory but it does not recurse through any trees. > >Perhaps you intended to compare: > chflags -R schg /sbin >with > chflags schg /sbin/* >The first of these will set the schg flag on all files and directories in >the whole tree rooted at /sbin (including the directory /sbin. >The second will affect only the items listed in the /sbin directory not >including /sbin itself or any files or directories further down the tree. > >Malcolm > > > > Thanks it makes sense now and yes your right, i wanted to do chflags -R schg /sbin/* . Thank You Alden Louis-Pierre