On Mon, Apr 06, 1998 at 07:43:14PM -0600, bear@coyotesong.com wrote:
> >
> > If the securelevel is greater than zero, the immutable and append_only
> > flags can't be altered.
>
> Ah, some of the earlier comments now make a lot more sense. That also
> explains why "man -k securelevel" was remarkably uninformative.
>
> Again, I'm forced to ask if forcing the system into a somewhat idle
> mode before changing critical files is a Bad Thing. As a rough
> approximation, perhaps a "secure" installation should default to
> immutable for the executables in /sbin, /usr/sbin and /bin, but not
> /usr/bin. A "paranoid" installation would set all package executables
> to immutable.
>
> Bear Giles
> bear@coyotesong.com
>

Sorry, I can't resist giving you another 2c of mine.

The main reason why I say that immutable should not be toggled by dpkg is because

1) A newbie will ask "why can't I remove file X? I did all that they say in the *Linux is Great - 101 Book*" (hoping not to infringe any copyright here).
2) If, as a SysAdmin, I decided to set some file immutable, I certainly don't want a program like dpkg (whose task is package maintenance, not security administration) to make that obsolete because it changed it. Maybe I even set it immutable because I don't want dpkg to change it!

Briefly, most people don't need it or will misuse it (see the pgp manual about false security impression), and people who really need it don't need dpkg to bother with them.

All IMHO.

--
------------------------------------------------------------------------
Fabien Ninoles
E-mail: fab@tzone.org
WebPage: http://www.callisto.si.usherb.ca/~94246757
You can get my public key from your nearest public keys server!
RSA PGP KEY [E3723845]: 1C C1 4F A6 EE E5 4D 99 4F 80 2D 2D 1F 85 C1 70
------------------------------------------------------------------------