Subject: Re: /dev/log -> /var/run/log
To: None <tech-security@netbsd.org>
From: Thor Lancelot Simon <tls@rek.tjls.com>
List: tech-security
Date: 02/03/1999 21:32:23

On Wed, Feb 03, 1999 at 10:34:42AM -0800, Curt Sampson wrote:
> On Wed, 3 Feb 1999, Manuel Bouyer wrote:
> 
> > The box I set up has / mounted read-only (this needs some tweaks in
> > /etc and /var, and / is first mounted r/w and remounted ro later, after syslog
> > has created /dev/log). /usr is mounted nodev, /home and /var nodev,noexec.
> 
> What ever happened to the proposal to move /dev/log to /var/run/log?

I didn't get around to committing it.  I'll do it this weekend, probably.

By the way, I *seriously* question the utility of using file flags to
"secure" a system.  To get any serious guarantee, every program run
from rc (or any script it runs) while securelevel is zero must be marked
schg; also, rc, rc.conf, etc. must be marked schg.  A system set up that
way is almost as irritating to run as a system with a read-only root fs.

(Note that I in fact actually run systems which are each way, so I know
 whereof I speak.)

Thor
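
The check implied by the file-flags paragraph above, as an added example that is not part of the original message: given saved `ls -lo` output and a list of paths that must be immutable, report every path lacking `schg` or not listed at all. It assumes the BSD `ls -lo` layout (flags in the fifth column, `-` when none); the function names, the listing and the path list are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit which boot-time files lack the schg (system immutable) flag.

# audit_schg LISTING REQUIRED
#   LISTING  - saved output of `ls -lo <paths>` (assumed layout: flags in column 5)
#   REQUIRED - one absolute path per line that must carry schg
# Prints "NO-SCHG path" or "NOT-LISTED path"; prints nothing if all are flagged.
# Limitation: paths containing spaces and symlink entries are not handled.
audit_schg() {
    awk '
        NR == FNR {                      # first file: the ls -lo listing
            has[$NF] = 0
            n = split($5, f, ",")        # flags are comma-separated
            for (i = 1; i <= n; i++) if (f[i] == "schg") has[$NF] = 1
            next
        }
        !($1 in has) { print "NOT-LISTED " $1; next }   # cannot be verified
        has[$1] == 0 { print "NO-SCHG " $1 }
    ' "$1" "$2"
}

# Runs the audit over constructed sample data (not taken from a real system).
demo() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/listing" <<'EOF'
-r-xr-xr-x  1 root  wheel  schg        45056 Feb  3 21:00 /sbin/init
-r--r--r--  1 root  wheel  schg         6144 Feb  3 21:00 /etc/rc
-rw-r--r--  1 root  wheel  -            1024 Feb  3 21:00 /etc/rc.conf
-r-xr-xr-x  1 root  wheel  uappnd,schg 90112 Feb  3 21:00 /sbin/mount
-r-xr-xr-x  1 root  wheel  nodump      32768 Feb  3 21:00 /sbin/fsck
EOF
    cat > "$tmp/required" <<'EOF'
/etc/rc
/etc/rc.conf
/sbin/init
/sbin/mount
/sbin/fsck
/usr/sbin/syslogd
EOF
    audit_schg "$tmp/listing" "$tmp/required"
    rm -rf "$tmp"
}

demo
```

On a live system the listing would come from running `ls -lo` over the required paths; any path the audit reports is one that can still be replaced while securelevel is zero.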