From owner-freebsd-security  Fri Oct  5  3:50:54 2001
Delivered-To: freebsd-security@freebsd.org
Received: from malraux.matranet.com (malraux.matranet.com [194.117.213.2])
	by hub.freebsd.org (Postfix) with ESMTP id AA93037B406
	for <security@FreeBSD.ORG>; Fri,  5 Oct 2001 03:50:49 -0700 (PDT)
Received: by malraux.matranet.com; id MAA02644; Fri, 5 Oct 2001 12:52:21 +0200 (CEST)
Message-Id: <200110051052.MAA02644@malraux.matranet.com>
Date: Fri, 05 Oct 2001 12:55:56 +0200
From: Laurent Fabre <fabre@matranet.com>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.3) Gecko/20010924
X-Accept-Language: en-us
MIME-Version: 1.0
To: Rasputin <rasputin@submonkey.net>
Cc: security@FreeBSD.ORG
Subject: Re: Kernel-loadable Root Kits
References: <20011004023034.U8391@blossom.cjclark.org> <20011004173535.0A2DE3B19D@gemini.nersc.gov> <200110050910.LAA22480@malraux.matranet.com> <200110050940.LAA25147@malraux.matranet.com> <200110050958.LAA26593@malraux.matranet.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

Rasputin wrote:
> * Laurent Fabre <fabre@matranet.com> [011005 10:50]:
> 
>>Rasputin wrote:
>>
>>>* Eli Dart <dart@nersc.gov> [011004 19:30]:
>>>
> 
>>>>>Have fun. Unless there is outpouring from people who love the idea,
>>>>>I'm not going to commit these to FreeBSD.
>>>>>
>>>>>
>>>>Please consider this as part of an outpouring of support from people 
>>>>who love the idea.
>>>>
>>>>
>>>"me too".
>>>
>>>Isn't this fairly common among the other BSDs as well?
>>>
>>>An alternative to securelevel is sometimes useful,
>>>and KLDs are a fairly well-known attack method against *BSD.
>>>
>>>I don't see any harm in adding it as an option - it's doesn't have to
>>>(definitely shouldn't be) the default, of course.
>>>
> 
>>>>I don't always have the option of running a box 
>>>>in securelevel 1, and I would like to have this knob available, even 
>>>>though it doesn't fix the problem all the way.  Something similar 
>>>>used to exist in FreeBSD 3.x -- I was sorry when it went away.
>>>>
> 
>>please do commit it :)
>>
> 
> Eh? If I was a committer, I would - think I've missed your point?
> 
> 
yup sorry wrong reply :)


-- 
#--------------------------------------------#
#              Laurent Fabre                 #
#            fabre@matranet.com              #      /\    ASCII ribbon
#          EADS, Matranet Product Group      #      \/      campaign
#                                            #      /\	    against
# "foreach if-diff,                          #     /  \    HTML email
#  you need to re-make world...."            #
#--------------------------------------------#


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message