From owner-freebsd-security  Fri Sep 17 11:44:26 1999
Delivered-To: freebsd-security@freebsd.org
Received: from shell.futuresouth.com (shell.futuresouth.com [198.78.58.28])
	by hub.freebsd.org (Postfix) with ESMTP id 533D01588B
	for <security@FreeBSD.ORG>; Fri, 17 Sep 1999 11:44:17 -0700 (PDT)
	(envelope-from fullermd@futuresouth.com)
Received: (from fullermd@localhost)
	by shell.futuresouth.com (8.9.3/8.9.3) id NAA02939;
	Fri, 17 Sep 1999 13:43:44 -0500 (CDT)
Date: Fri, 17 Sep 1999 13:43:43 -0500
From: "Matthew D. Fuller" <fullermd@futuresouth.com>
To: Brett Glass <brett@lariat.org>
Cc: "Harry M. Leitzell" <Harry_M_Leitzell@cmu.edu>,
	Liam Slusser <liam@tiora.net>,
	Kenny Drobnack <kdrobnac@mission.mvnc.edu>, security@FreeBSD.ORG
Subject: Re: Securing a system that's been rooted remotely (Was: BPF on in 3.3-RC GENERIC kernel)
Message-ID: <19990917134343.P16305@futuresouth.com>
References: <4.2.0.58.19990916185341.00aaf100@localhost> <Pine.SOL.3.96L.990916210821.19993A-100000@unix8.andrew.cmu .edu> <4.2.0.58.19990916232349.047c27a0@localhost>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.95.3i
In-Reply-To: <4.2.0.58.19990916232349.047c27a0@localhost>; from Brett Glass on Thu, Sep 16, 1999 at 11:25:05PM -0600
X-OS: FreeBSD <http://www.freebsd.org>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Thu, Sep 16, 1999 at 11:25:05PM -0600, a little birdie told me
that Brett Glass remarked
> 
> securelevel=2 and above disables LKMs, IIRC.

I can't imagine anyone who would need and use a high securelevel like
that, and still run a GENERIC kernel.  If they do, then their worldview
would seem to be slightly skewed.  I run a custom (2.1.5-REL) kernel on
musca, which is a 386 SX/20.  It took 6 hours to compile.  On mortis
(4.0-CURRENT) a kernel takes approx. 2 minutes to compile.  This is not a
major time investment.




-- 
Matthew Fuller     (MF4839)     |    fullermd@over-yonder.net
Unix Systems Administrator      |    fullermd@futuresouth.com
Specializing in FreeBSD         |    http://www.over-yonder.net/
FutureSouth Communications      |    ISPHelp ISP Consulting

"The only reason I'm burning my candle at both ends, is because I
      haven't figured out how to light the middle yet"


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message