From owner-freebsd-security  Tue Sep  7  9: 9:33 1999
Delivered-To: freebsd-security@freebsd.org
Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.40.131])
	by hub.freebsd.org (Postfix) with ESMTP
	id E2E6214D73; Tue,  7 Sep 1999 09:09:15 -0700 (PDT)
	(envelope-from phk@critter.freebsd.dk)
Received: from critter.freebsd.dk (localhost [127.0.0.1])
	by critter.freebsd.dk (8.9.3/8.9.2) with ESMTP id SAA30467;
	Tue, 7 Sep 1999 18:07:40 +0200 (CEST)
	(envelope-from phk@critter.freebsd.dk)
To: Matthew Dillon <dillon@apollo.backplane.com>
Cc: Nick Hibma <nick.hibma@jrc.it>,
	Greg Black <gjb-freebsd@gba.oz.au>,
	Dag-Erling Smorgrav <des@flood.ping.uio.no>,
	KATO Takenori <kato@ganko.eps.nagoya-u.ac.jp>, bde@zeta.org.au,
	freebsd-hackers@FreeBSD.ORG, freebsd-security@FreeBSD.ORG
Subject: Re: Init(8) cannot decrease securelevel 
In-reply-to: Your message of "Tue, 07 Sep 1999 08:58:45 PDT."
             <199909071558.IAA81847@apollo.backplane.com> 
Date: Tue, 07 Sep 1999 18:07:40 +0200
Message-ID: <30465.936720460@critter.freebsd.dk>
From: Poul-Henning Kamp <phk@critter.freebsd.dk>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


>    But, unfortunately, putting the console on a serial port creates 
>    vulnerabilities when DDB is enabled.  You are, essentially, creating
>    an unintentional backdoor into the system. Hence the problem.

ports/*/conserver is your friend!

--
Poul-Henning Kamp             FreeBSD coreteam member
phk@FreeBSD.ORG               "Real hackers run -current on their laptop."
FreeBSD -- It will take a long time before progress goes too far!


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message