Date: Tue, 16 Jul 1996 13:40:25 -0600 From: Sean Kelly <kelly@fsl.noaa.gov> To: mcnab@bayarea.net Cc: black@MR.Net, questions@FreeBSD.ORG Subject: Re: can't delete rcp Message-ID: <199607161939.TAA28526@gatekeeper.fsl.noaa.gov> In-Reply-To: <199607161817.LAA03277@baygate.bayarea.net> (message from David McNab on Tue, 16 Jul 1996 11:17:37 -0700)
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> "David" == David McNab <mcnab@bayarea.net> writes: David> This "flags" thing looks like an abomination to me. David> What is the rationale behind it, and where did it come David> from? I'm not sure where it came from, but one rationale is system security. By marking certain files as immutable, append-only, etc., and by running your system at a high security level, even people who compromise root won't be able to muck with your hard-earned configuration, since the flags can't be changed. The best they could do is shutdown into single user mode---but then you keep the console behind closed doors. See sysctl(1) to find out how to change the system security level. (Of course, you can do quite a bit of damage as root anyway.) -- Sean Kelly NOAA Forecast Systems Laboratory kelly@fsl.noaa.gov Boulder Colorado USA http://www-sdd.fsl.noaa.gov/~kelly/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199607161939.TAA28526>