Date: Mon, 15 Jun 1998 16:35:23 +0100 From: njs3@doc.ic.ac.uk (Niall Smart) To: Matthew Hunt <mph@pobox.com>, Niall Smart <njs3@doc.ic.ac.uk>, Darren Reed <avalon@coombs.anu.edu.au> Cc: eivind@yes.no, dima@best.net, jayrich@room101.sysc.com, security@FreeBSD.ORG Subject: Re: bsd securelevel patch question Message-ID: <E0ylbI3-0004aS-00@oak71.doc.ic.ac.uk> In-Reply-To: Matthew Hunt <mph@pobox.com> "Re: bsd securelevel patch question" (Jun 15, 11:14am)
next in thread | previous in thread | raw e-mail | index | archive | help
On Jun 15, 11:14am, Matthew Hunt wrote: } Subject: Re: bsd securelevel patch question > On Mon, Jun 15, 1998 at 12:23:37PM +0100, Niall Smart wrote: > > > > btw, using the immutable flag(s) without setting the securelevel > 0 is > > > fruitless as raw device access remains open... > > > > 1 you mean. Thats greater than 1, i.e., >= 2, not a quote and then 1. > > > > Secure level 0 is insecure mode. > > Yes, so securelevel > 0, or securelevel >= 1. At securelevel 1 disks can be unmounted and their device files accessed. Securelevel 1 is no good. Niall To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E0ylbI3-0004aS-00>