Date: 8 Jan 2000 20:59:57 +0100 From: naddy@mips.rhein-neckar.de (Christian Weisgerber) To: freebsd-questions@freebsd.org Subject: Re: securelevel? Message-ID: <8584vt$cg6$1@bigeye.rhein-neckar.de> References: <857uoh$8c4$1@bigeye.rhein-neckar.de> <4.2.0.58.20000107141157.00999100@mail.enterit.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Jim Conner <jconner@enterit.com> wrote: > /etc/rc.conf Not to be ungrateful, but like most people who put their reply in front of a (typically in its entirety) quoted message, you apparently haven't really read what you are purporting to respond to. "/etc/rc.conf" what? I fail to see any connection to the questions I asked. Meanwhile, I'm able to answer the first of my questions myself: > >| Any super-user process can raise the security level, but no > >| process can lower it. > > > >Which means that if you go from single-user mode in securelevel 0 > >to multi-user in level 1 and return to single-user you are still > >in level 1, right? Correct. The commit message for revision 1.36 of src/sbin/init/init.c explains: | FreeBSD kernel doesn't allow any process to decrease securelevel. So, | init(8) cannot decrease securelevel. The manual page explains this | and single_user() doesn't try to downgrade kernel to insecure mode. -- Christian "naddy" Weisgerber naddy@mips.rhein-neckar.de To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8584vt$cg6$1>