From owner-freebsd-current Wed May 28 06:52:03 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id GAA11927 for current-outgoing; Wed, 28 May 1997 06:52:03 -0700 (PDT) Received: from sax.sax.de (sax.sax.de [193.175.26.33]) by hub.freebsd.org (8.8.5/8.8.5) with SMTP id GAA11905 for ; Wed, 28 May 1997 06:51:58 -0700 (PDT) Received: (from uucp@localhost) by sax.sax.de (8.6.12/8.6.12-s1) with UUCP id PAA16311; Wed, 28 May 1997 15:51:50 +0200 Received: (from j@localhost) by uriah.heep.sax.de (8.8.5/8.8.5) id PAA04341; Wed, 28 May 1997 15:20:41 +0200 (MET DST) Message-ID: <19970528152040.QE64825@uriah.heep.sax.de> Date: Wed, 28 May 1997 15:20:40 +0200 From: j@uriah.heep.sax.de (J Wunsch) To: freebsd-current@FreeBSD.ORG Cc: zbs@softec.sk (Basti, Zoltan) Subject: Re: Lowering securelevel with gdb References: X-Mailer: Mutt 0.60_p2-3,5,8-9 Mime-Version: 1.0 X-Phone: +49-351-2012 669 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) In-Reply-To: ; from Basti, Zoltan on May 28, 1997 12:56:09 +0200 Sender: owner-current@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk As Basti, Zoltan wrote: > A while ago there has been a discussion on freebsd-security > about the possibility of lowering securelevel by attaching to init > with gdb. Looking at the -current sources it seems to me it > is still not fixed. I think the entire idea that PID 1 is allowed to lower the securelevel basically defeats the securelevel conception. It should go away. If you run a machine with raised securelevel, it's not undue to require a reboot first in order to perform maintenance tasks -- you gotta sit on the console anyway. This would plug all current and potential future security holes in this respect once and for all. Anybody objecting? -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)