From owner-freebsd-hackers  Mon Feb 24 19:12:42 1997
Return-Path: <owner-hackers>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id TAA15445
          for hackers-outgoing; Mon, 24 Feb 1997 19:12:42 -0800 (PST)
Received: from godzilla.zeta.org.au (godzilla.zeta.org.au [203.2.228.19])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id TAA15412
          for <hackers@freebsd.org>; Mon, 24 Feb 1997 19:12:24 -0800 (PST)
Received: (from bde@localhost) by godzilla.zeta.org.au (8.8.3/8.6.9) id OAA24549; Tue, 25 Feb 1997 14:08:20 +1100
Date: Tue, 25 Feb 1997 14:08:20 +1100
From: Bruce Evans <bde@zeta.org.au>
Message-Id: <199702250308.OAA24549@godzilla.zeta.org.au>
To: hackers@freebsd.org, j@uriah.heep.sax.de
Subject: Re: disallow setuid root shells?
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

>> Except the case where the hacker truly knows what they're doing, in which
>> case, the security audit will be worthless.  root can modify any files he
>> wants, including the database used to compare suid files against. =(
>
>chflags schg <your audit file>
>sysctl -q kern.securelevel=1

sysctl: illegal option -- q
usage: ...

$ sysctl -w kern.securelevel=1
kern.securelevel: -1 -> 2

Securelevel 1 is completely useless under FreeBSD since non-mounted disks
can be written to.  Use level 2.

Bruce