Thor Lancelot Simon <tls@rek.tjls.com> writes:
> By the way, I *seriously* question the utility of using file flags to
> "secure" a system.  To get any serious guarantee, every program run
> from rc (or any script it runs) while securelevel is zero must be marked
> schg; also, rc, rc.conf, etc. must be marked schg.  A system set up that
> way is almost as irritating to run as a system with a read-only root fs.
> 
> (Note that I in fact actually run systems which are each way, so I know
>  whereof I speak.)

I agree. Frankly, I'd prefer that we forget about putting any such
hacks into the distributed system. They're a real pain in the neck for 
ordinary users, and almost impossible to get "right" to provide actual 
extra security for non-ordinary users.

Perry