From owner-freebsd-hackers Wed Feb 14 22:25:15 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id WAA15467 for hackers-outgoing; Wed, 14 Feb 1996 22:25:15 -0800 (PST) Received: from ref.tfs.com (ref.tfs.com [140.145.254.251]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id WAA15462 for ; Wed, 14 Feb 1996 22:25:13 -0800 (PST) Received: (from julian@localhost) by ref.tfs.com (8.6.12/8.6.12) id WAA00334; Wed, 14 Feb 1996 22:25:02 -0800 From: Julian Elischer Message-Id: <199602150625.WAA00334@ref.tfs.com> Subject: Re: Is "immutable" supposed to be a good idea? To: uhclem@nemesis.lonestar.org (Frank Durda IV) Date: Wed, 14 Feb 1996 22:25:02 -0800 (PST) Cc: hackers@FreeBSD.org In-Reply-To: from "Frank Durda IV" at Feb 14, 96 09:51:00 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-hackers@FreeBSD.org Precedence: bulk > [....] > as root from doing stupid things and to prevent people running as root > or in maintenance mode from doing smart things), I would rather see > restore, tar, cpio, rm and any other system recovery tools all be able to > replace files with these flags, if the utility is running suid==root. I vaguely remember that some of these flags were not supposed to come into effect until the system went into multi-user mode.. Is n't there suppose to be a way to go into 'secure' mode from which there was no return? or Was I dreaming... This was all talked about by keirk during his 4.4 class I went to in 1992, but I can't remember all the points any more.. > > We should not make the system impossible to maintain or to recover. aye! I don't think these flags should be noticed till root decides to go 'secure' > > Strangely, one of the directories with these immutable files was moved into > /tmp to get it out of the way. On the next reboot, the normal system start > was able to get rid of all of the files. That seems curious. What has > rc got that I haven't got? hmm maybe that IS how it is doneA after all? > > Unless someone knows a really good reason, I plan to turn off immutable > on all files on the customer systems I have to maintain. This was too big > of a hassle to revisit and cost everybody involved. > > Oh, weird party trick: some time just before nuking a system to do > a fresh install or something, rm /sbin/init, halt and reboot and watch. > That is certainly not what other UNIX systems do... Well FreeBSD will try look for /stand/init and /stand/install if /etc/init aint there.. (at least I've seen code to do that....) That's how the install disk works I think... (maybe I'm out of date) julian