Date: Wed, 07 Aug 1996 15:55:29 -0400 From: James da Silva <jds@TracerTech.COM> To: Michael Hancock <michaelh@cet.co.jp> Cc: FreeBSD Hackers <Hackers@freebsd.org> Subject: Re: kern_mib.c:int securelevel = -1; Message-ID: <199608071955.PAA01494@lex.tracertech.com>
next in thread | raw e-mail | index | archive | help
> It looks like the assignment of securelevel was put into kern_mib.c from > kern_sysctl.c. This is ok I guess, but I'd like to have an option > INSECURE that we can turn off... > > #ifdef INSECURE > int securelevel = -1 > #else > int securelevel > #endif > > Here's the a comment from <sys/systm.h> ... By the way, the comment is wrong on one important point: the disposition of this variable in bss vs data will be irrelevant to a cracker. If the kernel is not immutable, the variable can be patched either way. I still haven't heard of someone actually investigating and documenting all the things necessary to make securelevel real, as opposed to just giving people a false sense of extra security. EG, for starters you'd have to make every file that is touched in single-user mode immutable, and delay starting up all your net daemons until securelevel goes past 0. I'm not sure if that's all. Jaime ............................................................................... : jds@tracertech.com / Tracer Technologies, Inc. \ Stand on my shoulders, : : James da Silva / Mass Storage Software Solutions \ not on my toes. :
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199608071955.PAA01494>