Date: 28 Jun 1999 13:28:15 +0200 From: Dag-Erling Smorgrav <des@flood.ping.uio.no> To: Frank Tobin <ftobin@bigfoot.com> Cc: FreeBSD-security Mailing List <freebsd-security@FreeBSD.ORG> Subject: Re: file flags during low securelevels Message-ID: <xzp7looimy8.fsf@flood.ping.uio.no> In-Reply-To: Frank Tobin's message of "Fri, 25 Jun 1999 01:13:04 -0500 (CDT)" References: <Pine.BSF.4.10.9906250107320.63311-100000@srh0710.urh.uiuc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Frank Tobin <ftobin@bigfoot.com> writes: > Jason Young, at 01:02 on Fri, 25 Jun 1999, wrote: > > In what situations are you running into problems with schg/sappnd? There's > > only a few things that are schg/sappnd out of the box, and those targets > > are handled by make world and the kernel install target automatically > > assuming you're in an appropriate securelevel. > I haven't looked that thorougly into the 'make world' installation > process, but from watching output, it doesn't seem like it removes file > flags from files it installs. Only on the ones in /usr/obj. If you've never run make world on the box, only the kernel is schg (quite simply because tar/cpio don't preserve flags). If you *have* run make world, there's a whole lot of useless (e.g. /bin/rcp) and not-so-useles (e.g. /usr/libexec/ld-elf.so.1) stuff marked schg. Finally, if you intend to raise the secure level, there's a whole lot of critical stuff (e.g. /boot.config, /boot/*, /etc/*) that should be schg, but isn't. Beware of files that aren't there; even if you don't need /boot.config, you should create an empty one and mark it schg so black hats can't create one of their own. DES -- Dag-Erling Smorgrav - des@flood.ping.uio.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzp7looimy8.fsf>