Bugtraq mailing list archives
Re: BSD-fileflags
From: avalon () COOMBS ANU EDU AU (Darren Reed)
Date: Sun, 4 Jul 1999 23:30:02 +1000
I might add that to be able to unmount /usr, if that is indeed where /usr/bin/login is being run from, or any other filesystem for that matter, it needs to be totally unused. For this reason, I think you would be hard pressed to have /usr unmounted in a manner that would go undetected unless you were in single luser mode. Depending on what else runs on the system and how packages are installed, the same might be true for other file systems often used for installation of binaries (/usr/local). To give you some idea of the programs which would need to have been stopped before unmounting /usr are as follows: syslogd, update, cron, inetd, getty (according to NetBSD-1.4). That said, I do think that the claims made by the documentation for securelevel 1 are false and should instead mention something about changing file flags through "conventional means" with a more complete briefing available for securelevel 2. Darren
Current thread:
- BSD-fileflags stealth () DIONE IDS PL (Jul 02)
- kod.c(kiss of death) ip stack bug in windows klepto (Jan 17)
- Re: BSD-fileflags Darren Reed (Jul 04)