On Thu, Jul 09, 2015 at 10:01:01PM -0600, Theo de Raadt wrote: > The 4.4BSD chflags model of "security" on inodes is unmaintained, and > the utilitization of this is not realized OpenBSD. > > To be honest, I doubt any of us see much benefit in it, relative to > other features of the system. When you are holed, a few file changes > + a reboot can undo it, voila, noone would ever notice. > > I don't think it is more than a gimmick. > > If you use it, you really are on your own. To my knowledge, noone in > the development group has seriously trialed/used it in years.
Could they ever be removed? >From what I just read, it doesn't seem like they're standardized. Would the silent changes to people's file access controls be unacceptable? If it's possible, I'm interesting in trying.
