Date: Sun, 9 Sep 2001 15:16:42 +0200 From: Gabriel Ambuehl <gabriel_ambuehl@buz.ch> To: Giorgos Verigakis <verigak@algol.vtrip-ltd.com> Cc: Deepak Jain <deepak@ai.net>, Kris Kennaway <kris@obsecurity.org>, D J Hawkey Jr <hawkeyd@visi.com>, Alexander Langer <alex@big.endian.de>, <freebsd-security@FreeBSD.ORG> Subject: Re[2]: Kernel-loadable Root Kits Message-ID: <151193622478.20010909151642@buz.ch> In-Reply-To: <Pine.LNX.4.30.0109091103580.32595-100000@algol.vtrip-ltd.com> References: <Pine.LNX.4.30.0109091103580.32595-100000@algol.vtrip-ltd.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hello Giorgos, Sunday, September 09, 2001, 10:07:32 AM, you wrote: >> This user could easily edit the rc.conf file to boot up in >> securelevel=-1 and reboot the machine -- as well as circumvent >> most notifications about the reboot. > Yes, but then you can chflag schg rc.conf rc ... (or maybe the > whole /etc) Would you care to point out how I could lower the securelevel then for legitimate use (i.e. updates or changes to /etc) of the system by the administrators? Best regards, Gabriel -----BEGIN PGP SIGNATURE----- Version: PGP 6.5i iQEVAwUBO5tdrsZa2WpymlDxAQHC5Af+OWFg0iJhixVi5CmlBe4POEc8cQmai97W aa1eCPkkNqwHZBQD3b4CGlvCIJZogH0Nv+GQcvsJECx8GHBSczbjl6E003hVTpSr JiBILeEy2pp67rKRSM4KZjqvnLKWNoHjXfrd62Hr2SqqVZ4rtOkvwviW1QWF/DCO 52erGgJU7Xp2i83JlVWi0lUZsXuwSp6IafccfNVSuWluobJLzcS8Tg9FanPbnovR /1wgY0z0lEVm/ri2rPdUGM6kKSn3h+1ORltc/c9F2WVIqleL3Z4TAZOBrbKR+0Mm 6oD2SPRti6TZ9riB/ayK+Jafhhh7AC/le55exGlSzBNVF9SR5F4AWQ== =4lFV -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?151193622478.20010909151642>