From owner-freebsd-security  Sat Feb  9  1:22:25 2002
Delivered-To: freebsd-security@freebsd.org
Received: from theinternet.com.au (c20631.kelvn1.qld.optusnet.com.au [203.164.207.8])
	by hub.freebsd.org (Postfix) with ESMTP id 30BC937B43B
	for <security@FreeBSD.ORG>; Sat,  9 Feb 2002 01:22:15 -0800 (PST)
Received: (from akm@localhost)
	by theinternet.com.au (8.11.6/8.11.4) id g199M3U67213;
	Sat, 9 Feb 2002 19:22:03 +1000 (EST)
	(envelope-from akm)
Date: Sat, 9 Feb 2002 19:22:03 +1000
From: Andrew Kenneth Milton <akm@theinternet.com.au>
To: "f.johan.beisser" <jan@caustic.org>
Cc: Andrew Kenneth Milton <akm@theinternet.com.au>,
	Darren Reed <avalon@coombs.anu.edu.au>,
	Brett Glass <brett@lariat.org>, security@FreeBSD.ORG
Subject: Re: Is the technique described in this article do-able with
Message-ID: <20020209192203.J32999@zeus.theinternet.com.au>
References: <20020209190334.I32999@zeus.theinternet.com.au> <20020209010627.Q21734-100000@localhost>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
In-Reply-To: <20020209010627.Q21734-100000@localhost>; from jan@caustic.org on Sat, Feb 09, 2002 at 01:20:02AM -0800
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

+-------[ f.johan.beisser ]----------------------
|
| actually, if you're going that route, it's easier to strip the kernel
| down, lock everything nicely with a securelevel (read up in init(8) about
| this), and remount all of the drives read only. there's nothing preventing
| anyone from doing that. there's also nothing to prevent you from booting
| from a drive, and loading all the tools you need in to a ramdisk, and just
| using that..
| 
| of course, this is going a bit more hardcore than most people want or
| would.

But saner than trying to get the box to partially halt d8)

-- 
Totally Holistic Enterprises Internet|                      | Andrew Milton
The Internet (Aust) Pty Ltd          |                      |
ACN: 082 081 472 ABN: 83 082 081 472 |  M:+61 416 022 411   | Carpe Daemon
PO Box 837 Indooroopilly QLD 4068    |akm@theinternet.com.au| 

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message