From owner-freebsd-security Thu Oct 5 8:50:14 2000 Delivered-To: freebsd-security@freebsd.org Received: from news.lucky.net (news.lucky.net [193.193.193.102]) by hub.freebsd.org (Postfix) with ESMTP id 96AA837B66C for ; Thu, 5 Oct 2000 08:50:08 -0700 (PDT) Received: (from mail@localhost) by news.lucky.net (8.Who.Cares/8.Who.Cares) id STG13060 for freebsd-security@freebsd.org; Thu, 5 Oct 2000 18:50:05 +0300 (envelope-from white@alkar.net) From: Alex Prohorenko To: freebsd-security@freebsd.org Subject: Re: BSD chpass (fwd) Date: 5 Oct 2000 15:49:30 GMT Organization: Alkar-Teleport News server Message-ID: <8ri7ua$1h7i$2@pandora.alkar.net> References: <20001004053422.8A3901F19@static.unixfreak.org> <8rhvfk$12ue$2@pandora.alkar.net> <39DC833C.7DDB0AC2@sentry.granch.ru> User-Agent: tin/1.4.4-20000803 ("Vet for the Insane") (UNIX) (FreeBSD/3.5-STABLE (i386)) Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Lines: 14 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Rashid N. Achilov wrote: > Alex Prohorenko wrote: >> I do not see any single problem here. >> chflags noschg /usr/bin/chpass >> chown u-s /usr/bin/chpass >> Sounds pretty easy, isn't it? > When securelevel 3 (or 2 too, not remember now :-( ) you, even if root, > cannot unset schg flag :-) Sorry, I have missed a line concerning securelevel. Of course, you're right. -- Alexander Prohorenko, Alkar Teleport To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message