> > Hello,I have non-standard partitioned OpenBSD-current installation > > dated before 05/27.I don't have separate filesystem/disklabel > > partition for /usr/local/.I have /usr/ on separate ffs > > filesystem. Can I add wxallowed to /usr/ filesystem or I must > > repartition/reinstall OpenBSD? > > You can add it at any point. It just means that binaries in /usr > which do PROT_WRITE|PROT_EXEC mappings will succeed (with a warning, > of course). > > Over time, these semantics will probably change.
If you would like the protection then I don't see any need to reinstall btw. I'm guessing (could be wrong) /usr isn't huge (so won't take ages) but it's dead easy to gain the protection by using cp -Rp /usr to /home/usr Then simply delete the /usr in disklabel and create a /usr and /usr/local and copy back /home/usr to /usr and /home/usr/local to /usr/local because cp is static and in the / root fs so you don't even need to reboot, of course you would have to consider running programs read requirements on those filesystems. -- KISSIS - Keep It Simple So It's Securable
