Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 10 Jan 2001 12:52:17 +0100 (CET)
From:      Andrzej Bialecki <abial@webgiro.com>
To:        Tomasz Paszkowski <ns88@k.pl>
Cc:        freebsd-current@freebsd.org
Subject:   Re: securelevel and sysctl
Message-ID:  <Pine.BSF.4.20.0101101248320.54435-100000@mx.webgiro.com>
In-Reply-To: <20010110012948.A19896@genesis.k.pl>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 10 Jan 2001, Tomasz Paszkowski wrote:

> 
>  I'am working on module, which catches __sysctl system call, and on
>  securelevel grater than 3, refuse any changes of sysctl oids. Are there any

You might want to take a look at SPY module
(http://people.freebsd.org/~abial/spy).

>  problems, which might happen after blocking sysctl oids change ?
>  AFAIR there is no such application running in user Space,which requires
>  ability to change sysctl oids,is there ?

Several oids are changed on system startup. Others are accessed read-only
to provide system information.

>  Secondly I'was thinking about oids,which are needed for user space aplications
>  to work. I figured out,that vi use some (I didn't check which one) oid on
>  startup, so is there a list of oids used by user space applications ?

Well, it depends on what the user applications want to access, doesn't it
:-). Theoretically, this list could be all oids. Practically, it depends
on the user applications that are installed...

Andrzej Bialecki

//  <abial@webgiro.com> WebGiro AB, Sweden (http://www.webgiro.com)
// -------------------------------------------------------------------
// ------ FreeBSD: The Power to Serve. http://www.freebsd.org --------
// --- Small & Embedded FreeBSD: http://www.freebsd.org/~picobsd/ ----




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.20.0101101248320.54435-100000>