Subject: Re: Making setuid files immutable
To: Dr. Lex Wennmacher <wennmach@geo.Uni-Koeln.DE>
From: Erik E. Fair <>
List: tech-security
Date: 01/19/1999 11:21:14
Adding the functionality to mtree sounds like a good idea.

However, we need to think carefully before we put those flags into our
distribution files. Order of operations will be critical if we go this
route: once you set schg, you can't do anything else to that file unless
you go single-user and undo it.

We may need to have a flag or other indicator for whether to "lock-down"
the system in that way after installation, and whether the lock-down should
be default or not.

The real question here is: how often do system programs get changed in
between releases? If we make them immutable, we'll find out quickly, the
hard way.

	merely advising caution,

	Erik <>