Bugtraq Archives: Re: BSD-fileflags

Re: BSD-fileflags


Darren Reed (avalon@COOMBS.ANU.EDU.AU)
Sun, 4 Jul 1999 23:30:02 +1000


I might add that to be able to unmount /usr, if that is indeed where
/usr/bin/login is being run from, or any other filesystem for that
matter, it needs to be totally unused. For this reason, I think you
would be hard pressed to have /usr unmounted in a manner that would
go undetected unless you were in single luser mode. Depending on
what else runs on the system and how packages are installed, the
same might be true for other file systems often used for installation
of binaries (/usr/local). To give you some idea, the programs which
would need to have been stopped before unmounting /usr are as follows:

syslogd, update, cron, inetd, getty

(according to NetBSD-1.4). That said, I do think that the claims made
by the documentation for securelevel 1 are false and should instead
mention something about changing file flags through "conventional means"
with a more complete briefing available for securelevel 2.

Darren



This archive was generated by hypermail 2.0b3 on Sun Jul 04 1999 - 21:46:40 CDT