From owner-freebsd-security Thu Jun 17 7:56:31 1999 Delivered-To: freebsd-security@freebsd.org Received: from phoenix (phoenix.aye.net [206.185.8.134]) by hub.freebsd.org (Postfix) with SMTP id 1FB2114F26 for ; Thu, 17 Jun 1999 07:56:16 -0700 (PDT) (envelope-from barrett@phoenix.aye.net) Received: (qmail 22514 invoked by uid 1000); 17 Jun 1999 14:55:34 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 17 Jun 1999 14:55:34 -0000 Date: Thu, 17 Jun 1999 10:55:33 -0400 (EDT) From: Barrett Richardson To: Richard Childers Cc: Warner Losh , Pete Fritchman , Unknow User , security@FreeBSD.ORG Subject: Re: some nice advice.... In-Reply-To: <3768EE6F.EEE2706F@hamquist.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Try "rm /kernel", "ls > /kernel", "ls >> /kernel" if it is schg those are no-ops. - Barrett Richardson barrett@phoenix.aye.net On Thu, 17 Jun 1999, Richard Childers wrote: > > "My kernel is set schg ..." > > Could you please expand on this ? > > > -- richard > > > > Warner Losh wrote: > > > > In message Pete Fritchman writes: > > : If you get compromised, why does it matter? > > : The attacker compiles a new kernel, waits for you to reboot, boom. > > > > Nope. My kernel is set schg and i run at a high secure level so you > > can't replace my kernel. > > > > : It's kind of hard/stupid to think about something in terms of "what if you > > : get compromised" - he'll have root and be able to do whatever you are > > : thinking about doing (equal privelages) > > > > No it isn't. You can minimize the damage with some careful planning. > > > > Warner > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message