Date: Mon, 12 Jul 1999 04:43:15 -0400 (EDT) From: Robert Watson <robert@cyrus.watson.org> To: Darren Reed <avalon@coombs.anu.edu.au> Cc: proff@suburbia.net, imp@village.org, alla@sovlink.ru, security@FreeBSD.ORG Subject: Re: Syslog alternatives? Message-ID: <Pine.BSF.3.96.990712044203.8908C-100000@fledge.watson.org> In-Reply-To: <199907110904.TAA01620@cheops.anu.edu.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 11 Jul 1999, Darren Reed wrote: > In some mail from Robert Watson, sie said: > [...] > > I still lean towards a combination of existing securelevel code, and a > > protected process flag indicating that the process may not be intefered > > with by unauthorized userland code (i.e., no debugging, signaling, etc). > > That can be used to solve a suite of different problems. Interesting idea, > none the less. I've been meaning to implement this for a long time, as I've needed it for auditing stuff, as well as a number of other projects. I wonder if it would be appropriate to work on a more general policy, such as requiring processes to flag themselves as accessible from higher securelevels before they are. There might be some race conditions involving forks and pipes, however... Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Computing Laboratory at Cambridge University Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990712044203.8908C-100000>