From owner-freebsd-security  Wed Jun 16 16:33:21 1999
Delivered-To: freebsd-security@freebsd.org
Received: from zerlargal.humbug.org.au (zerlargal.humbug.org.au [203.18.94.159])
	by hub.freebsd.org (Postfix) with ESMTP id 048A014CB9
	for <security@freebsd.org>; Wed, 16 Jun 1999 16:33:17 -0700 (PDT)
	(envelope-from bc@thehub.com.au)
Received: from localhost ([127.0.0.1] helo=zerlargal.humbug.org.au)
	by zerlargal.humbug.org.au with smtp (Exim 2.12 #2)
	id 10uP8z-0008hE-00
	for security@FreeBSD.ORG; Thu, 17 Jun 1999 09:30:57 +1000
Date: Thu, 17 Jun 1999 09:30:57 +1000 (EST)
From: Bruce Campbell <bc@thehub.com.au>
X-Sender: bc@zerlargal.humbug.org.au
To: security@FreeBSD.ORG
Subject: Re: some nice advice.... 
In-Reply-To: <199906162224.QAA02435@harmony.village.org>
Message-ID: <Pine.BSF.3.96.990617092943.1559i-100000@zerlargal.humbug.org.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Wed, 16 Jun 1999, Warner Losh wrote:

> In message <Pine.LNX.3.96.990616182221.28882A-100000@static-petef.netreach.net> Pete Fritchman writes:
> : If you get compromised, why does it matter?
> : The attacker compiles a new kernel, waits for you to reboot, boom.
> 
> Nope.  My kernel is set schg and i run at a high secure level so you
> can't replace my kernel.

Cue burning your own bootable CD and booting from that.

--==--
Bruce.




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message