Subject: Re: Making setuid files immutable
To: Manuel Bouyer <>
From: Andrew Brown <>
List: tech-security
Date: 01/16/1999 00:53:44
>> of course...they could always move the entire directory...
>And that's enouth, unless the parent directory is immutable too ...
>Anyway, I think it's good practice to make directory immutable too when

i've thought about this too.  and then decided it was a little
impractical for remote administration (which is what i do most of the
time).  yeah...i'll do upgrades from one version to the next over
tcp/ip, but not fiddle with immutable files.  go figure.  :)

it'd imply (given the following list)

>all of /bin
>all of /usr/bin
>all of /sbin
>all of /usr/sbin
>all of /usr/lib
>everything called from inetd
>everything called from the rc files
>all rc files and inetd.conf

not these directories (since their contents would all be immutable),
but instead:

/		(because of /etc, /bin, /var, and /usr)
/usr		(because of /usr/bin, /usr/sbin, and /usr/lib at least)
/usr/X11R6	(etc.)

and probably also

/usr/local	(etc.)
/usr/pkg	(etc.)

which would basically reduce netbsd to windows nt where you have to
reboot (well, almost) to upgrade cat.  yes, it's an extreme example,
but for upgrading *anything*, that's what it would do.  and that's one
of the reasons i *REALLY* hate windows nt.  if you upgrade cat, you
have to (heck...there you almost have to reboot if you move the

|-----< "CODE WARRIOR" >-----|             * "ah!  i see you have the internet (Andrew Brown)                that goes *ping*!"       * "information is power -- share the wealth."