site_archiver@lists.apple.com Delivered-To: darwin-kernel@lists.apple.com On 4 févr. 06, at 17:47, Peter Lovell wrote: On Feb 4, 2006, at 8:00 AM, Alain Birtz wrote: An item in the Startup Items folder ("/Library/StartupItems/myKern") does not have the proper security settings." Options are to "Disable" or "Fix" (or "Decide Later" to change nothing). Hi Alain, I had thought, actually, that "Fix" was no longer an option. _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-kernel/site_archiver%40lists.a... After the restart Mac OS X send this message dot thef the kernel extention myKern The permission, owner and group of the kernel extention files seem exactly the same after and before the "Fix". Do I miss something ? The general rules for kexts are that all items be owned by root:wheel (uid:gid is 0:0) and that nothing be writable except by root. That usually translates to mode 755 for directories and 644 for files. Starting with 10.4, I think every file/folder within the StartupItems folder need to be owned by root:wheel, not just the kext. Someone probably realized the main security flaw was not with kexts but with startup scripts... This email sent to site_archiver@lists.apple.com