On 06/04/2010 02:59 AM, Fbsd1 wrote:
Why does the base RELEASE have schg flag turned for the /var/empty
directory?
Is that directory really used for anything?
Is this a release build problem?
Certain daemons will chroot(2) to that directory to perform sensitive
privilege-separation operations, or when they know they will not need to
interact with the filesystem to perform their duties. The directory must
remain empty to ensure the operation is secure.
The best way to ensure no files are accidentally or intentionally
created there is to set it schg, which forbids any changes to the
directory (such as linking a file there).
--
Fuzzy love,
-CyberLeo
Furry Peace! - http://www.fur.com/peace/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
