Date: Wed, 05 Apr 1995 03:35:23 -0700 From: "Jordan K. Hubbard" <jkh@freefall.cdrom.com> To: current@freefall.cdrom.com Subject: "Cookbook" for security. Message-ID: <15076.797078123@freefall.cdrom.com>
next in thread | raw e-mail | index | archive | help
Poul and I were talking about the whole immutable flag issue, and since cpio, tar, pax and friends don't support the notion of extracting these extra flags ANYWAY, we might as well make a virtue of a vice and go "cookbook" style on it, where some central well-known file contains information that can be used to apply the flags in question after the system is installed. For that matter, the file can also contain MD5 checksums so that you can verify that all the "important" files have not been changed from the release copies. Needless to say, the "cookbook" file should be highly immutable itself in these cases :-). It seems to me that this would serve as a very valuable security aid and of use in creating the overall security tool from hell that I'd like to see on FreeBSD someday! :-) Jordan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15076.797078123>