Settime_bypass problem ?
Jamie Heilman
jamie@audible.transient.net
Tue, 30 Apr 2002 21:34:53 -0700
Ben Escoto wrote:
> >> permitted changing the time of /bin/rcp. I'm not sure why you
>
> I don't see why it's not working, but I guess it's a FreeBSD thing. I
> don't know offhand how to fix it or investigate further, so I'll just
> drop it unless someone else knows what the answer is.

Not just FreeBSD, but yeah, anything that supports securelevels.

    $ ls -lo /bin/rcp
    -r-sr-xr-x 1 root wheel schg 242780 May 16 2001 /bin/rcp

From chflags(1) we find:

    schg    set the system immutable flag (super-user only)

and from init(8):

    The security levels are:
    ...
    2    Highly secure mode - same as secure mode, plus disks may not
         be opened for writing (except by mount(2)) whether mounted
         or not. This level precludes tampering with filesystems by
         unmounting them, but also inhibits running newfs(8) while
         the system is multi-user.

         In addition, kernel time changes are restricted to less than
         or equal to one second. Attempts to change the time by more
         than this will log the message ``Time adjustment clamped to
         +1 second''.

So if you were planning to do much manipulation of an immutable file
in securelevel 2, I'd suggest you grab a Snickers, 'cause yer gonna be
at it for a while.
--
Jamie Heilman http://audible.transient.net/~jamie/
"Paranoia is a disease unto itself, and may I add, the person standing
next to you may not be who they appear to be, so take precaution."
-Sathington Willoughby
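
The flag and securelevel interaction quoted above can be checked before a tool tries to touch a file. This is an added example, not part of the original message or of any project's code: the names securelevel(), modify_verdict() and check() are hypothetical, and it assumes the FreeBSD rule that schg can only be cleared by the super-user while kern.securelevel is 0 or lower.

```python
import os
import stat
import subprocess

def securelevel():
    """Return kern.securelevel as an int, or None if the sysctl is unavailable."""
    try:
        out = subprocess.run(["sysctl", "-n", "kern.securelevel"],
                             capture_output=True, text=True, check=True).stdout
        return int(out.strip())
    except (OSError, subprocess.CalledProcessError, ValueError):
        return None

def modify_verdict(st_flags, level, is_root):
    """Classify whether a file (contents, mode, timestamps) can be modified.

    'ok'               - no system immutable flag, nothing special to do
    'clear-schg-first' - schg is set but can still be removed (root, level <= 0)
    'blocked'          - schg is set and cannot be removed right now
    """
    if not st_flags & stat.SF_IMMUTABLE:      # schg not set
        return "ok"
    # An unknown securelevel is treated conservatively as "cannot clear".
    if is_root and level is not None and level <= 0:
        return "clear-schg-first"
    return "blocked"

def check(path):
    """Apply modify_verdict() to a real path on the running system."""
    st = os.lstat(path)
    flags = getattr(st, "st_flags", 0)        # st_flags exists only on BSD-family systems
    return modify_verdict(flags, securelevel(), os.geteuid() == 0)

if __name__ == "__main__":
    # Constructed cases mirroring the /bin/rcp listing above (schg set).
    for level, root in [(2, True), (1, True), (-1, True), (-1, False)]:
        print(level, root, modify_verdict(stat.SF_IMMUTABLE, level, root))
    print("/bin/sh:", check("/bin/sh"))
```

A backup or restore tool can call check() per file and report 'blocked' entries up front instead of failing on them one at a time.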