Date: Tue, 31 Jul 2001 20:47:49 -0700 From: Kris Kennaway <kris@obsecurity.org> To: alexus <ml@db.nexgen.com> Cc: George Reid <greid@FreeBSD.org>, freebsd-security@FreeBSD.ORG Subject: Re: Operation not permitted Message-ID: <20010731204748.A42718@xor.obsecurity.org> In-Reply-To: <006601c11a38$bc519b00$0100a8c0@alexus>; from ml@db.nexgen.com on Tue, Jul 31, 2001 at 11:19:11PM -0400 References: <20010801041041.C92484-100000@sobek.lan> <006601c11a38$bc519b00$0100a8c0@alexus>
next in thread | previous in thread | raw e-mail | index | archive | help
--tThc/1wpZn/ma/RB Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Tue, Jul 31, 2001 at 11:19:11PM -0400, alexus wrote: > intersting... so basically what you sayin the only way to lower it is by > seting my boot scripts to -1 and restart ? Yes, that's the point ;-) It's also an intrinsic weakness in the securelevel concept, because anyone who can reboot your box can lower the securelevel. Yes, even if you chflags /etc/rc.conf (please see the archives if you're inclined to pursue this further, the topic has come up many times) Kris --tThc/1wpZn/ma/RB Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7Z3vkWry0BWjoQKURAhYYAKCBObT4Jm3BXnhWFXAOJMguigCC/QCgteT7 jTIpcQC+XluK/SKPG9KKooM= =W0rm -----END PGP SIGNATURE----- --tThc/1wpZn/ma/RB-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010731204748.A42718>