Contributed by dhartmei on from the opinion-roasting dept.
Taking that statement literally, Jason concludes that OpenBSD should completely remove its securelevel(7) implementation.
One obvious different interpretation would be that system immutable guarantees what the man page says, namely "An immutable file may not be changed, moved, or deleted.", and not that it guarantees any read access will result in approved data. And there are other uses for securelevels besides chflags, and they need not all be equally useless. Or are they?
(Comments are closed)