Date: Mon, 22 Oct 2001 16:49:32 -0700 From: "Crist J. Clark" <cristjc@earthlink.net> To: CS <spork@fasttrackmonkey.com> Cc: The Psychotic Viper <psyv@sec-it.net>, Andrew Johns <johnsa@kpi.com.au>, "freebsd-security@FreeBSD.ORG" <freebsd-security@FreeBSD.ORG> Subject: Re: KLD detectors Message-ID: <20011022164932.C364@blossom.cjclark.org> In-Reply-To: <20011022150129.G60205-100000@bigpoop.foo.foo>; from spork@fasttrackmonkey.com on Mon, Oct 22, 2001 at 03:07:08PM -0400 References: <20011022025913.G26647-100000@lucifer.fuzion.ath.cx> <20011022150129.G60205-100000@bigpoop.foo.foo>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Oct 22, 2001 at 03:07:08PM -0400, CS wrote: > Hi, > > Thanks for the info, I'll test it out on a few I've found (bsd versions of > adore). > > I'm also interested in utilizing securelevels, but I'm still not 100% sure > that securelevel 1 will actually stop this, as there seem to be a number > of tools out there to bypass the securelevel restriction. For example: > > http://www.s0ftpj.org/en/tools.html > > Scroll down to "securelevel bypass": > http://www.s0ftpj.org/tools/securelvl.tgz If you actually look at what this is, it is a KLD that once loaded, will allow users to load KLDs at securelevel > 0. If you have a securelevel > 0 and do not already have this module loaded, it doesn't do anything for you. It doesn't break securelevel(8) or provide a workaround. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011022164932.C364>