Date: Mon, 20 Sep 1999 16:33:04 -0700
From: Steve <sreid@sea-to-sky.net>
To: Robert Watson <robert+freebsd@cyrus.watson.org>
Cc: Jobe <jobe@attrition.org>, ark@eltex.ru, freebsd@gndrsh.dnsmgr.net, security@FreeBSD.ORG
Subject: Re: Real-time alarms
Message-ID: <19990920163304.A334@grok.localnet>
In-Reply-To: <Pine.BSF.3.96.990920115728.42321E-100000@fledge.watson.org>; from Robert Watson on Mon, Sep 20, 1999 at 12:10:34PM -0400
References: <Pine.LNX.3.96.990920085058.13128R-100000@forced.attrition.org> <Pine.BSF.3.96.990920115728.42321E-100000@fledge.watson.org>
On Mon, Sep 20, 1999 at 12:10:34PM -0400, Robert Watson wrote:
> One thing I am particularly interested in seeing brought to fruition is a
> way to protect key system security processes from interference--from any
> other user process, even one running as root. This might be similar to
> the jail code--the world being in a jail and only processes such as auditd
> (possibly init?) outside of it. Processes would be unable to attach
> debuggers to protected processes while securelevel was set above a certain
> value, and limited in their ability to signal the processes, etc.

Init used to be able to lower the securelevel and for that reason had (and still has?) some kernel code protecting it. IIRC, it was decided that Init's ability to lower the securelevel be revoked after it was discovered that the protections did not cover procfs. The protections may still be in the kernel and might be adapted to protect other processes.

Also, although you can signal Init, if it dies for any reason the system will reboot. This might be useful for security-related monitoring processes as well.

Sorry, I don't have code... Not a kernel hacker.

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990920163304.A334>
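The design Robert Watson sketches in the quoted text (a "protected" flag on a few security processes, with ptrace and most signals refused once securelevel is raised, even for root) and Steve's observation that the old init protection was undone because it did not cover procfs both come down to the same engineering point: the check has to live in one policy function that every kernel entry path consults. The toy model below is an added example written for this page; it is not code from the thread, from FreeBSD, or from either author. The structure `proc`, the `P_PROTECTED` flag, the operation names and the allowlist of signals a protected daemon still accepts are all invented for illustration, and the sample processes at the bottom are constructed test data.

```c
/* Added example: a user-space model of a "protected process" policy.
 * Not FreeBSD kernel code; all names and rules here are assumptions. */
#include <signal.h>
#include <stdbool.h>
#include <stdio.h>

#define P_PROTECTED 0x1u   /* hypothetical flag: process is a key security daemon */

struct proc {
    int pid;
    unsigned uid;
    unsigned flags;
};

/* Every kernel path that can reach another process maps to one of these. */
enum op { OP_PTRACE_ATTACH, OP_PROCFS_MEM_WRITE, OP_SIGNAL };

/* Signals a protected daemon keeps accepting at securelevel >= 1 (assumed set). */
static bool signal_allowed_to_protected(int sig)
{
    switch (sig) {
    case SIGHUP:   /* reload configuration */
    case SIGUSR1:  /* e.g. rotate logs */
        return true;
    default:
        return false;
    }
}

/* The single policy decision: may `caller` perform `op` on `target`? */
bool policy_allows(const struct proc *caller, const struct proc *target,
                   enum op op, int sig, int securelevel)
{
    bool owner_or_root = (caller->uid == 0) || (caller->uid == target->uid);

    if (caller->pid == target->pid)
        return true;                          /* a process may always act on itself */

    /* Unprotected target, or securelevel not yet raised: ordinary ownership rule. */
    if (!(target->flags & P_PROTECTED) || securelevel < 1)
        return owner_or_root;

    /* Protected target with securelevel raised: being root no longer helps. */
    switch (op) {
    case OP_PTRACE_ATTACH:
    case OP_PROCFS_MEM_WRITE:
        return false;                         /* no debugger, no memory writes */
    case OP_SIGNAL:
        return owner_or_root && signal_allowed_to_protected(sig);
    }
    return false;
}

/* Hardened entry points: ptrace(2), the procfs mem node and kill(2) all
 * consult the same function, so there is no side door. */
bool ptrace_attach_check(const struct proc *c, const struct proc *t, int lvl)
{
    return policy_allows(c, t, OP_PTRACE_ATTACH, 0, lvl);
}
bool procfs_mem_write_check(const struct proc *c, const struct proc *t, int lvl)
{
    return policy_allows(c, t, OP_PROCFS_MEM_WRITE, 0, lvl);
}
bool kill_check(const struct proc *c, const struct proc *t, int sig, int lvl)
{
    return policy_allows(c, t, OP_SIGNAL, sig, lvl);
}

/* The failure mode the thread describes, modelled: a procfs path that only
 * applies the plain ownership test and never looks at P_PROTECTED or
 * securelevel, so root can write a protected process's memory anyway. */
bool legacy_procfs_mem_write_check(const struct proc *c, const struct proc *t, int lvl)
{
    (void)lvl;
    return (c->uid == 0) || (c->uid == t->uid);
}

/* Constructed sample processes (not real pids or a real system). */
const struct proc sample_auditd = { 50,  0,    P_PROTECTED };  /* protected daemon */
const struct proc sample_rootsh = { 100, 0,    0 };            /* root shell */
const struct proc sample_user   = { 200, 1000, 0 };            /* unprivileged user */
const struct proc sample_plain  = { 300, 0,    0 };            /* ordinary root-owned process */

int main(void)
{
    int lvl = 1;
    printf("root ptrace auditd, securelevel 1:   %s\n",
           ptrace_attach_check(&sample_rootsh, &sample_auditd, lvl) ? "allow" : "deny");
    printf("root procfs mem write (hardened):    %s\n",
           procfs_mem_write_check(&sample_rootsh, &sample_auditd, lvl) ? "allow" : "deny");
    printf("root procfs mem write (legacy gap):  %s\n",
           legacy_procfs_mem_write_check(&sample_rootsh, &sample_auditd, lvl) ? "allow" : "deny");
    printf("root SIGHUP auditd:                  %s\n",
           kill_check(&sample_rootsh, &sample_auditd, SIGHUP, lvl) ? "allow" : "deny");
    printf("root SIGKILL auditd:                 %s\n",
           kill_check(&sample_rootsh, &sample_auditd, SIGKILL, lvl) ? "allow" : "deny");
    return 0;
}
```

The contrast between `procfs_mem_write_check` and `legacy_procfs_mem_write_check` is the whole lesson: a protection that is enforced in ptrace(2) but not in every other path that can touch a process's memory or state is not a protection, and any new mechanism built on the old init code would need the same audit of procfs and signal delivery before it could be trusted.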
