Alex Renn <[EMAIL PROTECTED]> writes: > Hello Lowell Gilbert!
Hello! [Don't top-post, please.] > SUID/SGID files in my default installation do not have any flags set: > > $ uname -a > FreeBSD 6.0-RELEASE FreeBSD 6.0-RELEASE #0: Thu Nov 3 09:36:13 UTC 2005 > [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 > $ ls -alo `which su` > -r-sr-xr-x 1 root wheel - 11992 Nov 3 08:11 /usr/bin/su > > That's why I'm asking about this. > I think there should be some flags set by default. Hmm, yes. The distribution tar files don't seem to have flags set. The tar documentation claims that it can handle file flags, but I've never tried it (the Gnu tar, which FreeBSD used until fairly recently, does not). From a quick look, the missing flags seem to be an artifact of the packaging process. Sorry about missing that earlier; flags are set on suid files by the source build/install process, and I haven't done a new install in a long time. If you source-upgrade the system, you'll get the flags set. However, if you are interested in this as a security measure, I recommend setting up your own mtree(1) specification to set the flags that *you* want. That will also allow you to use that same specification to check that the flags have remained the way you want them set. Good luck. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
