Date: Wed, 3 Feb 1999 15:35:44 +1030 (CDT) From: Mark Newton <newton@camtech.com.au> To: robert+freebsd@cyrus.watson.org Cc: jkh@zippy.cdrom.com, jmb@FreeBSD.ORG, woodford@cc181716-a.hwrd1.md.home.com, security@FreeBSD.ORG Subject: Re: tcpdump Message-ID: <199902030505.PAA19809@frenzy.ct> In-Reply-To: <Pine.BSF.3.96.990202233308.21838C-100000@fledge.watson.org> from Robert Watson at "Feb 2, 99 11:35:47 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Robert Watson wrote:
> As Matt points out, the security limitations are not very clear: the
> securelevel code generally requires a lot of modifications to the base
> system, so my temptation is to ignore the issue, but create a securelevel
> man page that discusses "things to do in making a securelevel-friendly
> system", and add to it: disable bpf.
In case this hasn't already been suggested (and apologies if it has):
Make opens on /dev/bpf* fail if securelevel > 0
- mark
---
Mark Newton Email: newton@camtech.com.au
Systems Engineer and Senior Trainer Phone: +61-8-8303-3300
Camtech (SA), a member of the Fax: +61-8-8303-4403
CAMTECH group of companies WWW: http://www.camtech.com.au
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199902030505.PAA19809>