From owner-freebsd-hackers Mon Mar 11 11:57:31 2002 Delivered-To: freebsd-hackers@freebsd.org Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by hub.freebsd.org (Postfix) with ESMTP id D5C8C37B41D for ; Mon, 11 Mar 2002 11:56:52 -0800 (PST) Received: from boredom (dickie.ST.HMC.Edu [134.173.59.94]) by odin.ac.hmc.edu (8.11.0/8.11.0) with SMTP id g2BJuq819827 for ; Mon, 11 Mar 2002 11:56:52 -0800 Message-ID: <002001c1c936$c25ff4d0$5e3bad86@boredom> From: "Jeff Jirsa" To: Subject: logging securelevel violations Date: Mon, 11 Mar 2002 11:55:56 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I've noticed that currently, violations of securelevel are aborted, but not typically logged. It seems like in addition to aborting whichever calls are in progress, logging an error might be beneficial. I recognize that this goes along the same lines as logging file permission errors, but if a file is marked immutable, the implicit value of the file should suggest that one might want to be able to audit attempted changes to that file. A case in point: /usr/src/sys/kern/kern_linker.c (4.5 STABLE): int linker_load_file(const char* filename, linker_file_t* result) { ... /* Refuse to load modules if securelevel raised */ if (securelevel > 0) return EPERM; ..... Would the following not work? int linker_load_file(const char* filename, linker_file_t* result) { ... /* Refuse to load modules if securelevel raised */ if (securelevel > 0) { log(LOG_ERR, "Unable to load module %s: securelevel violation \n", filename); return EPERM; } ... So, my questions are: Why shouldn't it be done? What simple problems am I overlooking? (Would such a contribution have a chance of making it into 5.0?) - Jeff ================= Jeff Jirsa jjirsa@hmc.edu ================= To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message