Date: Thu, 27 Nov 1997 00:18:54 +0100 From: J Wunsch <j@uriah.heep.sax.de> To: "Jin Guojun[ITG]" <jin@george.lbl.gov> Cc: bugs@FreeBSD.ORG Subject: Re: kern.securelevel auto from 0 to 1 ?bug/feature? Message-ID: <19971127001854.20974@uriah.heep.sax.de> In-Reply-To: <199711261816.KAA08150@george.lbl.gov>; from Jin Guojun[ITG] on Wed, Nov 26, 1997 at 10:16:28AM -0800 References: <199711261816.KAA08150@george.lbl.gov>
next in thread | previous in thread | raw e-mail | index | archive | help
As Jin Guojun[ITG] wrote: > So, I wonder if something can be fixed in FreeBSD kernel to prevent this > automatically securelevel jumping? Well, if you want `insecure' mode, leave it as -1, and it won't bump itself. That's why it's called ``Permanently insecure'' then. Unlike the other BSD's, we decided to also plug some of the more common holes in the device drivers if you ever go to more than `0'. Due to the way X11 is currently implemented (which is unlikelyl to change within the near future), this precludes an Xserver from working in any of the higher securelevels. OTOH, if you operate a server machine, the Xserver is probably not your biggest desire, but you might value the securelevel features... -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19971127001854.20974>