FreeBSD 6.3-PRERELEASE unable to change file permission
Michael Proto
mike at jellydonut.org
Mon Dec 3 08:34:17 PST 2007
Anjang Aki wrote:
> hi!.. i'm not able to change file permission to disable rlogin and
> login on my box even as root
>
> # ls -lo /usr/bin/login /usr/bin/rlogin
> -r-sr-xr-x 1 root wheel schg 19996 Dec 1 13:04 /usr/bin/login
> -r-sr-xr-x 1 root wheel schg 10140 Dec 1 13:04 /usr/bin/rlogin
>
> # chflags -R nouchg login rlogin
> chflags: /usr/bin/login: Operation not permitted
> chflags: /usr/bin/rlogin: Operation not permitted
>
> # chmod a=rx /usr/bin/login /usr/bin/rlogin
> chmod: /usr/bin/login: Operation not permitted
> chmod: /usr/bin/rlogin: Operation not permitted
>
> it makes me uneasy as my users can still use login and rlogin to gain
> access to the box
>
> my system:
> # uname -a
> FreeBSD k3.college.edu 6.3-PRERELEASE FreeBSD 6.3-PRERELEASE #1: Sun
> Dec 2 18:51:02 MYT 2007 root at college.edu:/usr/obj/usr/src/sys/EDU
> i386
>
> thanks for advice
>
It looks like these files have the system-immutable flags set (schg),
not the user-immutable (uchg). What happens if you do "chflags noschg
/usr/bin/login /usr/bin/rlogin"?
-Proto
More information about the freebsd-stable
mailing list