Date: Fri, 23 Aug 2002 09:43:15 +0200 (CEST) From: Jan Srzednicki <winfried@student.uci.agh.edu.pl> To: Johan Karlsson <johan@FreeBSD.org> Cc: freebsd-bugs@FreeBSD.org, <freebsd-security@FreeBSD.org> Subject: Re: kern/22142: securelevel does not affect mount Message-ID: <Pine.GSO.4.44.0208230940570.14810-100000@student.uci.agh.edu.pl> In-Reply-To: <200208230144.g7N1itTB030484@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 22 Aug 2002, Johan Karlsson wrote: > Synopsis: securelevel does not affect mount > > Responsible-Changed-From-To: freebsd-bugs->freebsd-security > Responsible-Changed-By: johan > Responsible-Changed-When: Thu Aug 22 18:41:46 PDT 2002 > Responsible-Changed-Why: > Lets get -security's opinion about this. > > http://www.freebsd.org/cgi/query-pr.cgi?pr=22142 I'm afraid changin securelevel's behaviour would break some system schemes out there, which is rather unwanted thing for -STABLE. One thing we can do is to wait for MACs in -CURRENT. Maybe a better solution is to add another sysctl just form mount? Like kern.mount_disabled, which, when set to 1, cannot be reverted back. -- #- Winfried -------- wrzask@IRCNet -||- GG# 3838383 -||- JS500-RIPE -# #- w@dream.vg ---- w@303.krakow.pl -||--- http://violent.dream.vg ---# #- Never underestimate the power of stupid people in large numbers. -# To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.44.0208230940570.14810-100000>