Date: Thu, 17 Jun 1999 17:08:37 +0200 From: Sheldon Hearn <sheldonh@uunet.co.za> To: James Wyatt <jwyatt@RWSystems.net> Cc: "Andy V. Oleynik" <andyo@mail.prime.net.ua>, Richard Childers <rchilders@hamquist.com>, security@FreeBSD.ORG Subject: Re: some nice advice.... Message-ID: <88023.929632117@axl.noc.iafrica.com> In-Reply-To: Your message of "Thu, 17 Jun 1999 09:45:20 EST." <Pine.BSF.4.05.9906170936390.23319-100000@kasie.rwsystems.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 17 Jun 1999 09:45:20 EST, James Wyatt wrote: > The 'schg' (system immutable) flag can be set by root to prevent *anyone* > from changing a file, including root. It takes effect when you run at a > more secure 'syslevel' and enhances security while running. For the record: Schg is always "in effect". At non-zero securelevels (not syslevels), nobody can remove the schg flag. Effectively, the same thing as what you said, but the difference is worth explaining. And the manpage to refer people to is init(8). Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?88023.929632117>