From owner-freebsd-security Tue Mar 26 6:52:27 2002 Delivered-To: freebsd-security@freebsd.org Received: from energyhq.homeip.net (213-97-200-73.uc.nombres.ttd.es [213.97.200.73]) by hub.freebsd.org (Postfix) with ESMTP id 48EE937B416 for ; Tue, 26 Mar 2002 06:52:22 -0800 (PST) Received: by energyhq.homeip.net (Postfix, from userid 1001) id DD3673FC5B; Tue, 26 Mar 2002 15:53:02 +0100 (CET) Date: Tue, 26 Mar 2002 15:53:02 +0100 From: Miguel Mendez To: Moti Levy Cc: security@freebsd.org Subject: Re: secure levels question . Message-ID: <20020326155302.A26448@energyhq.homeip.net> Mail-Followup-To: Moti Levy , security@freebsd.org References: <02f001c1d4d3$8ae70b30$fd6e34c6@moti> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable User-Agent: Mutt/1.2.5.1i In-Reply-To: <02f001c1d4d3$8ae70b30$fd6e34c6@moti>; from moti@flncs.com on Tue, Mar 26, 2002 at 09:35:56AM -0500 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Mar 26, 2002 at 09:35:56AM -0500, Moti Levy wrote: Hi, > Hi , > I'm building a new mail relay for my company ( it was a hard fight but > freebsd won ! ) > i figured I can set secure level 1 but not two since a mail server needs > access to write on disks . > am i right ? No, I run my mail server at level 3. What you cannot do when running at high security levels is write to the raw disk, you still can write data to normal files, just not to the device. That's the reason why you can't use newfs once your securelevel is set to 2. Cheers, --=20 Miguel Mendez - flynn@energyhq.homeip.net GPG Public Key :: http://energyhq.homeip.net/files/pubkey.txt EnergyHQ :: http://www.energyhq.tk FreeBSD - The power to serve! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message