From owner-freebsd-security Mon Jun 28 4:32:23 1999
Delivered-To: freebsd-security@freebsd.org
Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31])
	by hub.freebsd.org (Postfix) with ESMTP id 6630914FC6
	for ; Mon, 28 Jun 1999 04:32:05 -0700 (PDT)
	(envelope-from des@flood.ping.uio.no)
Received: (from des@localhost)
	by flood.ping.uio.no (8.9.3/8.9.1) id NAA80510;
	Mon, 28 Jun 1999 13:28:16 +0200 (CEST)
	(envelope-from des)
To: Frank Tobin
Cc: FreeBSD-security Mailing List
Subject: Re: file flags during low securelevels
References:
From: Dag-Erling Smorgrav
Date: 28 Jun 1999 13:28:15 +0200
In-Reply-To: Frank Tobin's message of "Fri, 25 Jun 1999 01:13:04 -0500 (CDT)"
Message-ID:
Lines: 23
X-Mailer: Gnus v5.5/Emacs 19.34
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Frank Tobin writes:
> Jason Young, at 01:02 on Fri, 25 Jun 1999, wrote:
> > In what situations are you running into problems with schg/sappnd? There's
> > only a few things that are schg/sappnd out of the box, and those targets
> > are handled by make world and the kernel install target automatically
> > assuming you're in an appropriate securelevel.
> I haven't looked that thoroughly into the 'make world' installation
> process, but from watching output, it doesn't seem like it removes file
> flags from files it installs.

Only on the ones in /usr/obj.

If you've never run make world on the box, only the kernel is schg
(quite simply because tar/cpio don't preserve flags). If you *have*
run make world, there's a whole lot of useless (e.g. /bin/rcp) and
not-so-useless (e.g. /usr/libexec/ld-elf.so.1) stuff marked schg.

Finally, if you intend to raise the secure level, there's a whole lot
of critical stuff (e.g. /boot.config, /boot/*, /etc/*) that should be
schg, but isn't. Beware of files that aren't there; even if you don't
need /boot.config, you should create an empty one and mark it schg so
black hats can't create one of their own.

DES
-- 
Dag-Erling Smorgrav - des@flood.ping.uio.no


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
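
An audit sketch for the checklist in the message above, added here and not part of the original post or of FreeBSD: it reports which of the named paths are absent and which exist without the schg flag. The function name audit_schg and its root/lstat parameters are assumptions made for this example.

```python
import glob
import os
import stat

# Paths named in the message. Note that "*" does not match dotfiles.
CRITICAL = ["/boot.config", "/boot/*", "/etc/*"]


def audit_schg(patterns=CRITICAL, root="/", lstat=os.lstat):
    """Return (missing, unprotected) for the given path patterns.

    missing:     literal paths that do not exist, i.e. names that someone
                 with write access to the parent directory could create.
    unprotected: existing entries without the system immutable flag (schg).
    root and lstat are hypothetical hooks so the check can run against a
    mounted image or a scratch tree instead of the live system.
    """
    missing, unprotected = [], []
    for pattern in patterns:
        full = os.path.join(root, pattern.lstrip("/"))
        matches = sorted(glob.glob(full))
        if not matches:
            # An empty glob is not a finding; an absent literal path is.
            if not any(c in pattern for c in "*?["):
                missing.append(full)
            continue
        for path in matches:
            # lstat: inspect a symlink itself, not whatever it points to.
            st = lstat(path)
            # st_flags exists on BSD-derived systems; elsewhere treat as 0.
            flags = getattr(st, "st_flags", 0)
            if not flags & stat.SF_IMMUTABLE:
                unprotected.append(path)
    return missing, unprotected


if __name__ == "__main__":
    absent, loose = audit_schg()
    for p in absent:
        print("missing (create empty, then mark schg):", p)
    for p in loose:
        print("not schg:", p)
```

Run it before raising the securelevel: once the level is above 0, schg can still be set on a file but can no longer be cleared.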