Inmutable bit in some binaries
Jordi Espasa Clofent
jespasac at minibofh.org
Wed Feb 3 12:33:18 UTC 2010
HI all,
I'm hardening one test box and at present I'm planning to do:
# chflags -R schg <file>
where <file> will be some binaries that seems to be common targets for
rootkits and lammers:
ls
du
ps
find
top
locate
strings
ifconfig
netstat login
I wonder if changing these files permissions as I've shown above will be
cause some troubles in future upgrade (recompilation, the classic way,
not the binary upgrade one) process. ¿It will?
--
I must not fear. Fear is the mind-killer. Fear is the little-death that
brings total obliteration. I will face my fear. I will permit it to pass
over me and through me. And when it has gone past I will turn the inner
eye to see its path. Where the fear has gone there will be nothing. Only
I will remain.
Bene Gesserit Litany Against Fear.
More information about the freebsd-stable
mailing list