From owner-freebsd-security Tue Dec 19 21:15:30 2000 From owner-freebsd-security@FreeBSD.ORG Tue Dec 19 21:15:26 2000 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from citusc.usc.edu (citusc.usc.edu [128.125.38.123]) by hub.freebsd.org (Postfix) with ESMTP id 67ED637B400 for ; Tue, 19 Dec 2000 21:15:26 -0800 (PST) Received: (from kris@localhost) by citusc.usc.edu (8.9.3/8.9.3) id VAA13698; Tue, 19 Dec 2000 21:16:42 -0800 Date: Tue, 19 Dec 2000 21:16:42 -0800 From: Kris Kennaway To: Alfred Perlstein Cc: cjclark@alum.mit.edu, freebsd-security@FreeBSD.ORG Subject: Re: Read-Only Filesystems Message-ID: <20001219211642.D13474@citusc.usc.edu> References: <20001219114936.A23819@rfx-64-6-211-149.users.reflexco> <20001219120953.S19572@fw.wintelcom.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="+B+y8wtTXqdUj1xM" Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <20001219120953.S19572@fw.wintelcom.net>; from bright@wintelcom.net on Tue, Dec 19, 2000 at 12:09:53PM -0800 Sender: kris@citusc.usc.edu Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --+B+y8wtTXqdUj1xM Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Dec 19, 2000 at 12:09:53PM -0800, Alfred Perlstein wrote: > * Crist J. Clark [001219 11:50] wrote: > > I was recently playing around with the idea of having a read-only root > > filesystem. However, it has become clear that there is no way to > > prevent root from changing the mount properties on any filesystem, > > including the root filesystem, provided there is no hardware-level > > block on writing and there is someplace (anyplace) where root can > > write. > >=20 > > Is that accurate? I guess one must go to a "trusted OS" to get that > > type of functionality? >=20 > You can trust freebsd. :) >=20 > do some research on "securelevel" I don't believe mounting or remounting is denied by any securelevel..I raised this a few months ago but the consensus seemed to be that securelevel was too broken by design and the real fix was MAC, which is coming with TrustedBSD. Kris --+B+y8wtTXqdUj1xM Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6QEC6Wry0BWjoQKURAlKQAKDcfEawy/L4hsHCWsKLF0iHPah6vACgmRjN eF30p+Dbb34IYRQru5lGXME= =ZRmE -----END PGP SIGNATURE----- --+B+y8wtTXqdUj1xM-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message