From 54f2d77e5dd9086606bbc409ed4899e905816afe Mon Sep 17 00:00:00 2001 From: deraadt <> Date: Mon, 16 Feb 1998 23:24:13 +0000 Subject: [PATCH] move fs.posix.setuid to sysctl.conf --- src/etc/rc.securelevel | 6 +----- src/etc/sysctl.conf | 11 ++++++----- 2 files changed, 7 insertions(+), 10 deletions(-) diff --git a/src/etc/rc.securelevel b/src/etc/rc.securelevel index f740e13e..35f59b8a 100644 --- a/src/etc/rc.securelevel +++ b/src/etc/rc.securelevel @@ -1,4 +1,4 @@ -# $OpenBSD: rc.securelevel,v 1.6 1998/01/16 14:05:45 niklas Exp $ +# $OpenBSD: rc.securelevel,v 1.7 1998/02/16 23:24:13 deraadt Exp $ # # site-specific startup actions, daemons, and other things which # can be done BEFORE your system goes into securemode. For actions @@ -15,10 +15,6 @@ securelevel=1 echo 'starting pre-securelevel services:' -# Use traditional BSD semantics with chown(2) -#echo 'Enabling traditional BSD chown(2) semantics.' -#sysctl -w fs.posix.setuid=0 >/dev/null 2>&1 - # To run an accellerated X server when securelevel > 0 we must use /dev/ap. # NOTE: modload will panic your kernel if the booted kernel is not /bsd. #if [ -x /sbin/modload -a -x /usr/lkm/apinstall -a -r /usr/lkm/ap.o ]; then diff --git a/src/etc/sysctl.conf b/src/etc/sysctl.conf index f299691d..3201ff95 100644 --- a/src/etc/sysctl.conf +++ b/src/etc/sysctl.conf @@ -1,8 +1,9 @@ -# $OpenBSD: sysctl.conf,v 1.4 1998/02/14 00:05:10 deraadt Exp $ +# $OpenBSD: sysctl.conf,v 1.5 1998/02/16 23:24:13 deraadt Exp $ # This files contains a list of sysctl options the user wants set at # boot time. # ie. -#net.inet.ip.forwarding=1 # Permit forwarding (routing) of packets -#net.inet.tcp.rfc1323=0 # TCP RFC1323 extensions (disable if tcp is slow) -#ddb.panic=0 # Do not drop into ddb on a kernel panic -ddb.console=0 # Do not permit entry of ddb from the console +#net.inet.ip.forwarding=1 # 1=Permit forwarding (routing) of packets +#net.inet.tcp.rfc1323=0 # 0=disable TCP RFC1323 extensions (for if tcp is slow) +#ddb.panic=0 # 0=Do not drop into ddb on a kernel panic +ddb.console=0 # 0=Do not permit entry of ddb from the console +#fs.posix.setuid=0 # 0=Traditional BSD chown() semantics