Date: Sun, 27 Jun 2004 07:44:51 +0400
From: Sergey Zaharchenko <doublef@tele-kom.ru>
To: JJB <Barbish3@adelphia.net>
Cc: freebsd-questions@freebsd.org
Subject: Re: setting a disk read only
Message-ID: <20040627034451.GB367@shark.localdomain>
In-Reply-To: <MIEPLLIBMLEEABPDBIEGMEDOGEAA.Barbish3@adelphia.net>
References: <Pine.BSO.4.58L0.0406261203340.8509@bazmag.sch.bme.hu> <MIEPLLIBMLEEABPDBIEGMEDOGEAA.Barbish3@adelphia.net>

On Sat, Jun 26, 2004 at 08:36:49AM -0400, JJB probably wrote:
> Security Paranoia
> It's very important that you completely understand the impact that
> using the following command will have on your ability to make
> changes to your system.
>
> The simplest thing you can do is set the immutable flag on all
> system binaries and /etc config files with:
>
> chflags schg /bin/*(*) /sbin/*(*) /usr/bin/*(*) /usr/sbin/*(*) /etc/*(*)
>
> Setting the immutable flag on means the files are marked as being
> protected from being written over. Once you execute the above
> command, no process can overwrite those files, thus increasing the
> level of difficulty for the attacker and increasing the odds in your
> favor of the attacker leaving error messages in the system log. On
> the other hand, you as root user cannot make any changes to those
> files so marked either.

Only if you can't remove those flags (that is, only if you're running at
a securelevel>0).

-- 
DoubleF
If you only have a hammer, you tend to see every problem as a nail.
-- Maslow
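
An added example, not part of the original message or of FreeBSD itself: a small sh audit that combines the two conditions discussed above, the schg flag on a file and the value of kern.securelevel, to report which files root can still modify. The function names, the sample listing and the STATE labels are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the thread): audit whether schg actually binds root.
# A file is only locked against root when it carries schg AND
# kern.securelevel is greater than 0; otherwise root can chflags noschg it.

# audit_schg LEVEL
#   stdin : `ls -lo` long listings (FreeBSD prints file flags in column 5)
#   stdout: "<STATE> <path>" per file
# Assumption: paths contain no whitespace (true for the directories quoted).
audit_schg() {
    awk -v level="$1" '
    NF >= 10 {
        # columns: mode links owner group flags size month day time|year path
        n = split($5, flag, ",")
        schg = 0
        for (i = 1; i <= n; i++)
            if (flag[i] == "schg") schg = 1

        if (!schg)          state = "UNPROTECTED"
        else if (level > 0) state = "LOCKED"
        else                state = "REMOVABLE"
        print state, $NF
    }'
}

# Constructed sample of `ls -lo` output (not taken from a real host).
sample_listing() {
    cat <<'EOF'
-r-xr-xr-x  1 root  wheel  schg 11864 Jun 26  2004 /bin/cat
-r-xr-xr-x  1 root  wheel  - 110948 Jun 26  2004 /bin/sh
-rw-r--r--  1 root  wheel  schg,nodump 1204 Jun 26  2004 /etc/rc.conf
EOF
}

# Same files, two securelevels: only the second run shows LOCKED entries.
for level in -1 1; do
    echo "kern.securelevel=$level"
    sample_listing | audit_schg "$level"
done

# On a live FreeBSD system (assumed invocation):
#   ls -lod /bin/* /sbin/* /etc/* | audit_schg "$(sysctl -n kern.securelevel)"
```

REMOVABLE entries are the case the reply points out: the flag is set, but with securelevel at 0 or below root can clear it and then change the file.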