Date: Fri, 5 Oct 2001 10:56:00 +0100 From: Rasputin <rasputin@submonkey.net> To: security@freebsd.org Subject: Re: Kernel-loadable Root Kits Message-ID: <20011005105559.A21670@shikima.mine.nu> In-Reply-To: <200110050940.LAA25147@malraux.matranet.com>; from fabre@matranet.com on Fri, Oct 05, 2001 at 11:44:40AM %2B0200 References: <20011004023034.U8391@blossom.cjclark.org> <20011004173535.0A2DE3B19D@gemini.nersc.gov> <200110050910.LAA22480@malraux.matranet.com> <200110050940.LAA25147@malraux.matranet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
* Laurent Fabre <fabre@matranet.com> [011005 10:50]: > Rasputin wrote: > > * Eli Dart <dart@nersc.gov> [011004 19:30]: > >>>Have fun. Unless there is outpouring from people who love the idea, > >>>I'm not going to commit these to FreeBSD. > >>> > >>Please consider this as part of an outpouring of support from people > >>who love the idea. > >> > > > > "me too". > > > > Isn't this fairly common among the other BSDs as well? > > > > An alternative to securelevel is sometimes useful, > > and KLDs are a fairly well-known attack method against *BSD. > > > > I don't see any harm in adding it as an option - it's doesn't have to > > (definitely shouldn't be) the default, of course. > >>I don't always have the option of running a box > >>in securelevel 1, and I would like to have this knob available, even > >>though it doesn't fix the problem all the way. Something similar > >>used to exist in FreeBSD 3.x -- I was sorry when it went away. > please do commit it :) Eh? If I was a committer, I would - think I've missed your point? -- "No one gets too old to learn a new way of being stupid." Rasputin :: Jack of All Trades - Master of Nuns :: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011005105559.A21670>