From owner-freebsd-hackers  Sat Feb 17 20:41:55 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id UAA23560
          for hackers-outgoing; Sat, 17 Feb 1996 20:41:55 -0800 (PST)
Received: from fw.ast.com (fw.ast.com [165.164.6.25])
          by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id UAA23551
          for <hackers@freebsd.org>; Sat, 17 Feb 1996 20:41:51 -0800 (PST)
Received: from nemesis by fw.ast.com with uucp
	(Smail3.1.29.1 #2) id m0tnzGs-00087AC; Sat, 17 Feb 96 20:54 CST
Received: by nemesis.lonestar.org (Smail3.1.27.1 #20)
	id m0tnzDm-000C8oC; Sat, 17 Feb 96 20:51 WET
Message-Id: <m0tnzDm-000C8oC@nemesis.lonestar.org>
Date: Sat, 17 Feb 96 20:51 WET
To: hackers@freebsd.org
From: uhclem@nemesis.lonestar.org (Frank Durda IV)
Sent: Sat Feb 17 1996, 20:51:30 CST
Subject: Re: Is "immutable" supposed to be a good idea?
Sender: owner-hackers@freebsd.org
Precedence: bulk

[4]I vaguely remember that some of these flags were not supposed to
[4]come into effect until the system went into multi-user mode..

That would be OK *if* we waited until the system was all the way up
before going into that mode.  In my case, fsck bombed and
offered me a sh.   The system is apparently already in this
"secure" mode at that point.  

The same was true if I booted -s.  By the time I got a shell, 
the system was honoring the immut flag.

If secure mode is something we turn on during the boot process,
perhaps the solution it to move that moment further down in the
installation process so that maintenance mode can actually do
maintenance.

[4]I don't think these flags should be noticed till root decides to go
[4]'secure'

I agree.

Frank Durda IV <uhclem@nemesis.lonestar.org>|"The Knights who say "LETNi"
or uhclem%nemesis@rwsystr.nkn.net           | demand...  A SEGMENT REGISTER!!!"
	  ^------(this is the fastest route)|"A what?"
or ...letni!rwsys!nemesis!uhclem	    |"LETNi! LETNi! LETNi!"  - 1983