Hello Lowell Gilbert!
SUID/SGID files in my default installation do not have any flags set:
$ uname -a
FreeBSD 6.0-RELEASE FreeBSD 6.0-RELEASE #0: Thu Nov 3 09:36:13 UTC 2005
[EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386
$ ls -alo `which su`
-r-sr-xr-x 1 root wheel - 11992 Nov 3 08:11 /usr/bin/su
That's why I'm asking about this.
I think there should be some flags set by default.
====[ End of message ]====
Best Regards,
Alex Renn
[EMAIL PROTECTED]
===[ Original Message ]===
From: Lowell Gilbert <[EMAIL PROTECTED]>
To: Alex Renn <[EMAIL PROTECTED]>
Subject: CD installation and file flags
Date: 10.02.2006 20:56
> Alex Renn <[EMAIL PROTECTED]> writes:
>> I installed FreeBSD 6.0 from CD and noticed that file flags were not
>> applied by default to /boot, /bin, /sbin.
> Right. suid files get the flags, but nothing else.
>> I set kernel_securelevel to 3 but it does not help a lot while there
>> are no schg flags on system files.
> File flags are enforced at a securelevel of 1. If they are all you
> care about, then there's no reason to add the filesystem mounting,
> clock, and firewall restrictions of levels 2 and 3.
>> Is there any script to set proper flags for all files in the default
>> installation?
> There is not widespread agreement on the definition of "proper" in
> that sentence. Once you have a precise idea of what you think it
> should be, writing a script for your particular needs will be
> trivial.
> Be well.
===[ End of Original Message ]===
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
