From owner-freebsd-security  Mon Jun 15 08:17:02 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id IAA26286
          for freebsd-security-outgoing; Mon, 15 Jun 1998 08:17:02 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from nexus.astro.psu.edu (nexus.astro.psu.edu [128.118.147.20])
          by hub.freebsd.org (8.8.8/8.8.8) with SMTP id IAA26278
          for <security@freebsd.org>; Mon, 15 Jun 1998 08:16:57 -0700 (PDT)
          (envelope-from mph@astro.psu.edu)
Received: from mstar.astro.psu.edu by nexus.astro.psu.edu (4.1/Nexus-1.3)
	id AA04651; Mon, 15 Jun 98 11:14:40 EDT
Received: by mstar.astro.psu.edu (SMI-8.6/Client-1.3)
	id LAA00353; Mon, 15 Jun 1998 11:14:36 -0400
Message-Id: <19980615111435.A348@mstar.astro.psu.edu>
Date: Mon, 15 Jun 1998 11:14:35 -0400
From: Matthew Hunt <mph@pobox.com>
To: Niall Smart <njs3@doc.ic.ac.uk>, Darren Reed <avalon@coombs.anu.edu.au>
Cc: eivind@yes.no, dima@best.net, jayrich@room101.sysc.com,
        security@FreeBSD.ORG
Subject: Re: bsd securelevel patch question
References: <avalon@coombs.anu.edu.au> <E0ylXMP-0003KN-00@oak71.doc.ic.ac.uk>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.91.1i
In-Reply-To: <E0ylXMP-0003KN-00@oak71.doc.ic.ac.uk>; from Niall Smart on Mon, Jun 15, 1998 at 12:23:37PM +0100
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Mon, Jun 15, 1998 at 12:23:37PM +0100, Niall Smart wrote:

> > btw, using the immutable flag(s) without setting the securelevel > 0 is
> > fruitless as raw device access remains open...

>  > 1 you mean.
> 
> Secure level 0 is insecure mode.

Yes, so securelevel > 0, or securelevel >= 1.

-- 
Matthew Hunt <mph@pobox.com> * Stay close to the Vorlon.
http://www.pobox.com/~mph/pgp.key for PGP public key 0x67203349.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message