From owner-freebsd-security Wed May 22 12:43:15 2002 Delivered-To: freebsd-security@freebsd.org Received: from r4k.net (r4k.net [212.26.197.210]) by hub.freebsd.org (Postfix) with ESMTP id E969837B412 for ; Wed, 22 May 2002 12:43:10 -0700 (PDT) Received: from shell.r4k.net (localhost [127.0.0.1]) by r4k.net (Postfix) with ESMTP id 7140522EFE for ; Wed, 22 May 2002 21:43:04 +0200 (CEST) Received: (from _@localhost) by shell.r4k.net (8.12.2/8.12.2/Submit) id g4MJh4gK087850 for freebsd-security@freebsd.org; Wed, 22 May 2002 21:43:04 +0200 (CEST) Date: Wed, 22 May 2002 21:43:04 +0200 From: Stephanie Wehner <_@r4k.net> To: freebsd-security@freebsd.org Subject: file flags in /modules Message-ID: <20020522194304.GA70619@r4k.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.3.25i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, Actually this reminded me of something else :) (wanted to post this earlier but since I only just got a fbsd test box again I kind of forgot) Is there any particular reason why the immutable flag is turned on for /kernel, but not for any loadable modules ? root@beyond:/modules # ls -lo /kernel -r-xr-xr-x 1 root wheel schg 4124312 May 22 11:02 /kernel root@beyond:/modules # ls -lo linux.ko -r-xr-xr-x 1 root wheel - 98290 May 22 11:02 linux.ko I usually turn this on, as it seems to me protecting /modules/* is as important, but it appears that this is turned off by default. thx, bye, Stephanie --<> _@r4k.net <>------------------<> FreeBSD <>------------------- #3 - Anime Law of Sonic Amplification, First Law of Anime Acoustics In space, loud sounds, like explosions, are even louder because there is no air to get in the way. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message