From owner-freebsd-security Tue Jul 2 03:46:37 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id DAA25871 for security-outgoing; Tue, 2 Jul 1996 03:46:37 -0700 (PDT) Received: from shogun.tdktca.com ([206.26.1.21]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id DAA25861 for ; Tue, 2 Jul 1996 03:46:34 -0700 (PDT) Received: from shogun.tdktca.com (daemon@localhost) by shogun.tdktca.com (8.7.2/8.7.2) with ESMTP id FAA13581 for ; Tue, 2 Jul 1996 05:47:48 -0500 (CDT) Received: from orion.fa.tdktca.com ([163.49.131.130]) by shogun.tdktca.com (8.7.2/8.7.2) with SMTP id FAA13576 for ; Tue, 2 Jul 1996 05:47:47 -0500 (CDT) Received: (from alex@localhost) by orion.fa.tdktca.com (8.6.12/8.6.9) id FAA17709; Tue, 2 Jul 1996 05:49:46 -0500 Date: Tue, 2 Jul 1996 05:49:46 -0500 Message-Id: <199607021049.FAA17709@orion.fa.tdktca.com> From: Alex Nash To: zbs@softec.softec.sk Cc: freebsd-security@freebsd.org Subject: Re: securelevel and modload Reply-to: alex@fa.tdktca.com Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > I think the FreeBSD kernel securelevel functionality together with > the schg and sappnd flags are a very good idea to make systems > more secure. I like the idea of unchangable securelevel, > unchangable flags etc. But I don't know whether this > all securelevel stuff can be eliminated by a > loadable kernel module, which, say, changes the value of > the variable securelevel. > > So what's the situation? > > Anyway, from a security point of view I would like to completely > disable loadable kernel modules. Is there a way to do it? You cannot load or unload LKMs at securelevels greater than 0. This is the case with -current as of Nov 29th 1995, and -stable as of May 31st 1996. Alex