Date: Tue, 27 Jul 1999 11:18:02 -0600 From: Nate Williams <nate@mt.sri.com> To: Matthew Dillon <dillon@apollo.backplane.com> Cc: "Brian F. Feldman" <green@FreeBSD.ORG>, Joe Greco <jgreco@ns.sol.net>, hackers@FreeBSD.ORG, freebsd-ipfw@FreeBSD.ORG Subject: Re: securelevel and ipfw zero Message-ID: <199907271718.LAA25910@mt.sri.com> In-Reply-To: <199907270348.UAA49943@apollo.backplane.com> References: <Pine.BSF.4.10.9907262322120.35843-100000@janus.syracuse.net> <199907270348.UAA49943@apollo.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> ipfw allows you to clear counters. It is a feature that already exists. > > However, it does not allow you to do it if you are sitting at secure > level 3. > > Why not? I can't think of any good reason why clearing the counters > should be disallowed when sitting at a higher secure level. The counters > are nothing more then statistics. Clearing statistics is not a security > threat. I just thought of a bad thing. If you allowed the counters to be zero'd (or advanced) at securelevel == 3, then a 'malicious user' could write a cronjob to continually reset them and cause a DoS attack on the system (or in the case of advance, reset them to ridiculously high values), thus filling up the disk. However, one could argue that *IF* they have root, they could just as easily fill the disk with garbage and cause the same attack, ie; # dd if=/dev/zero of=/var/log/misc > The discussion should simply be about that. Not all this garbage > about adding new features. There's a feature that does not seem > to impact security, secure level disallows it, why? I'm not convinced there aren't other security implications from zero'ing (or advancing) the counters. Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199907271718.LAA25910>