From owner-freebsd-security Sat Apr 18 16:24:55 1998
Date: Sat, 18 Apr 1998 19:24:38 -0400 (EDT)
From: Robert Watson
To: Alex Nash
cc: regnauld@deepo.prosa.dk, freebsd-security@FreeBSD.ORG
Subject: Re: kernel permissions
In-Reply-To: <199804182310.SAA03638@nash.pr.mcs.net>

On Sat, 18 Apr 1998, Alex Nash wrote:

> > Having just browsed the kernel source a little, it looks like indeed this
> > is currently implemented. The comment is a little obscure:
> >
> >     /* only allow get calls if secure mode > 2 */
> >     if (securelevel > 2) {
> >         if (m) (void)m_free(m);
> >         return(EPERM);
> >
> > But what it actually means is, only allow non-get calls if securemode > 2.
>
> Huh? It means what it says: only allow get calls if securelevel > 2.

Ugh. Combination of two problems. First, I interpreted the comment to
mean that get calls would only be allowed if the securelevel was > 2,
rather than the coded only get calls being allowed if securelevel was > 2.
I then promptly typed in the wrong thing in my "but what this actually
means", and meant to type, "But what it actually means is, only allow
non-get calls if securemode < 2".
The comment I believe can be interpreted both ways (I asked a few people
here to come read the comment and tell me which they thought it was). On
the other hand, my typo is clearly incorrect. Either way, who cares, the
code is right. Logically ambiguous language :).

Robert N Watson

----
Carnegie Mellon University     http://www.cmu.edu/
Trusted Information Systems    http://www.tis.com/
SafePort Network Services      http://www.safeport.com/
robert@fledge.watson.org       http://www.watson.org/~robert/