SUID /usr/bin/rsh on Stable 4.8 after installworld
Allen Landsidel
all at biosys.net
Sun Oct 26 08:34:02 PST 2003
At 09:10 10/26/2003, Jim wrote:
[snip]
>At some point in this process however, I get to cvsup, buildworld, and
>installworld. This process re-enables the old permissions on the files I so
>diligently locked down. I would expect there is a flag or include/exclude
>file somewhere I need to lookup to prevent cvsup from doing this in the
>first place, but like I said, I'm new.
>
>The problem I need help with though, is the fact that I cannot chmod 000
>certain binaries after this process (for example: /usr/bin/rsh,
>/usr/bin/yppasswd, /usr/bin/ypchfn, etc.). The following occurs:
>
># chmod 000 /usr/bin/rsh
>chmod: /usr/bin/rsh: Operation not permitted
chflags is what you want
man chflags
specifically the schg flag.
More information about the freebsd-questions
mailing list