From owner-freebsd-security Thu Jul 26 17:20:58 2001 Delivered-To: freebsd-security@freebsd.org Received: from chrome.jdl.com (chrome.jdl.com [209.39.144.2]) by hub.freebsd.org (Postfix) with ESMTP id 0990237B407 for ; Thu, 26 Jul 2001 17:20:55 -0700 (PDT) (envelope-from jdl@chrome.jdl.com) Received: from chrome.jdl.com (localhost [127.0.0.1]) by chrome.jdl.com (8.9.1/8.9.1) with ESMTP id TAA13221; Thu, 26 Jul 2001 19:25:57 -0500 (CDT) (envelope-from jdl@chrome.jdl.com) Message-Id: <200107270025.TAA13221@chrome.jdl.com> To: Anthony Schneider Cc: security@FreeBSD.ORG Subject: Re: Some Followup on that ypchfn mess of mine In-reply-to: Your message of "Thu, 26 Jul 2001 19:21:23 EDT." <20010726192123.A37564@mail.slc.edu> Clarity-Index: null Threat-Level: none Software-Engineering-Dead-Seriousness: There's no excuse for unreadable code. Net-thought: If you meet the Buddha on the net, put him in your Kill file. Date: Thu, 26 Jul 2001 19:25:56 -0500 From: Jon Loeliger Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org So, like Anthony Schneider was saying to me just the other day: > Type ls -lo /path/to/ypchfn, and look for flags set on it > (i.e. schg, uchg). If any of these are set, you will > need to run > chflags noschg ypchfn > (or switch noschg with whatever flag is set). > Not sure what else it might be. > -Anthony. > So cleverly, I did this and it didn't work. Then I got to thinking... # sysctl kern.securelevel kern.securelevel: 1 Uh oh. Hack rc.conf, back down to -1... # chflags noschg ypchfn And finally. # chmod -x ypchfn Woo hoo! OK, so I feel a bit better now... :-) Thanks! jdl To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message