From owner-freebsd-hackers  Tue Jan 23 06:04:30 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id GAA19973
          for hackers-outgoing; Tue, 23 Jan 1996 06:04:30 -0800 (PST)
Received: from who.cdrom.com (who.cdrom.com [192.216.222.3])
          by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id GAA19963
          for <hackers@freebsd.org>; Tue, 23 Jan 1996 06:04:27 -0800 (PST)
Received: from godzilla.zeta.org.au (godzilla.zeta.org.au [203.2.228.19])
          by who.cdrom.com (8.6.12/8.6.11) with ESMTP id GAA15637
          for <hackers@freebsd.org>; Tue, 23 Jan 1996 06:04:12 -0800
Received: (from bde@localhost) by godzilla.zeta.org.au (8.6.9/8.6.9) id AAA28789; Wed, 24 Jan 1996 00:03:03 +1100
Date: Wed, 24 Jan 1996 00:03:03 +1100
From: Bruce Evans <bde@zeta.org.au>
Message-Id: <199601231303.AAA28789@godzilla.zeta.org.au>
To: imp@village.org, luigi@labinfo.iet.unipi.it
Subject: Re: Security (was: Re: Two commands: icat and ils)
Cc: dworkin@rover.village.org, hackers@freebsd.org
Sender: owner-hackers@freebsd.org
Precedence: bulk

>> rm won't remove an immutable file, but if you go through the raw
>> device, you can do that.  OR change the immutable file...

>immutable files must reside on immutable media. Otherwise,
>using standard commands as root you can easily do anything.

All immutable flags and all raw disks are (supposed to be) immutable
at securelevel >= 2.  See the init manpage.

Bruce