From owner-freebsd-hackers  Mon Sep  6 22: 6:59 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from alcanet.com.au (border.alcanet.com.au [203.62.196.10])
	by hub.freebsd.org (Postfix) with ESMTP
	id 07FD714EE9; Mon,  6 Sep 1999 22:06:47 -0700 (PDT)
	(envelope-from jeremyp@gsmx07.alcatel.com.au)
Received: by border.alcanet.com.au id <40326>; Tue, 7 Sep 1999 15:04:09 +1000
Date: Tue, 7 Sep 1999 15:06:02 +1000
From: Peter Jeremy <jeremyp@gsmx07.alcatel.com.au>
Subject: Re: Init(8) cannot decrease securelevel
In-reply-to: <199909070420.VAA77483@apollo.backplane.com>
To: dillon@apollo.backplane.com
Cc: freebsd-hackers@FreeBSD.ORG, freebsd-security@FreeBSD.ORG
Message-Id: <99Sep7.150409est.40326@border.alcanet.com.au>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Matthew Dillon <dillon@apollo.backplane.com> wrote:
>   If the system winds up in a state where a kernel core cannot be
>   generated, DDB is the only way to figure out what is going on.  
>   securelevel is a mechanism which attempts to guarentee data security,
>   at least to a degree.

The problem is that DDB currently allows too much freedom.  It
needs to disable various commands as the securelevel is raised.
Working out which commands is the non-trivial exercise - especially
since you can add new ones with DB_COMMAND().

Peter



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message