Solved rm or chmod 000?


In looking to remove things, say ftpd(8), which are, in some cases, unneeded and potentially risky, security(7) suggests chmod 000 on such files, which is totally reasonable, but I was wondering why one wouldn't just rm such binaries altogether? (Provided you knew on that particular install that you would never ever need it).

I also wonder what might happen when such a file needs an update via freebsd-update under either scenario. Since the immutable flag is not set, freebsd-update would presumably still update a 000 permissions file, but would a deleted file simply be replaced and set with default permissions by freebsd-update?

I create a remove folder in the directory where I will remove files I never will use, or care about. I delete them many weeks latter just to make sure it did not break anything else that I might want to try at a later date. I do this after I did what SirDice suggested.

To build your own custom kernel is the grand finale. Then I use IgnorePaths and stuff if I ever update. I like taking it from the top with each new releases … they last forever too.

I never thought about chmod 000. There are files I don’t like, but need them for a minute. My way is wasting, I’m going to start using chmod 000 so I can switch those files on and off as needed by way of script (such as playing with drivers). Thanks for the idea.

FreeBSD has no problem with most of what you don’t need, DELETE it, just make sure that no more than one thing might needs it, to avoid any confusion.