CD installation and file flags
Lowell Gilbert
freebsd-questions-local at be-well.ilk.org
Fri Feb 10 10:56:14 PST 2006
Alex Renn <ray at TXnet.com> writes:
> I installed FreeBSD 6.0 from CD and noticed that file flags were not
> applied by default to /boot, /bin, /sbin.
Right. suid files get the flags, but nothing else.
> I set kernel_securelevel to 3 but it does not help a lot while there
> are no schg flags on system files.
File flags are enforced at a securelevel of 1. If they are all you
care about, then there's no reason to add the filesystem mounting,
clock, and firewall restrictions of levels 2 and 3.
> Is there any script to set proper flags for all files in the default
> installation?
There is not widespread agreement on the definition of "proper" in
that sentence. Once you have a precise idea of what you think it
should be, writing a script for your particular needs will be
trivial.
Be well.
--
Lowell Gilbert, embedded/networking software engineer, Boston area
http://be-well.ilk.org/~lowell/
More information about the freebsd-questions
mailing list