Subject: Re: verified executable kernel modification committed
To: matthew green <>
From: Roland Dowdeswell <>
List: tech-security
Date: 10/31/2002 00:58:23
On 1035980536 seconds since the Beginning of the UNIX epoch
matthew green wrote:

>this is not to say i don't find vexec useful.  i know several
>systems that i will definately use it on.  i just don't think it
>necessarily is inherently more secure than chflags protection.

Only if you hack your kernel to not execute files which do not have
the schg flag set.  Otherwise, what's to stop you from executing
other files?

    Roland Dowdeswell                      http://www.Imrryr.ORG/~elric/