From owner-freebsd-security Mon Jun 15 08:47:48 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id IAA02395 for freebsd-security-outgoing; Mon, 15 Jun 1998 08:47:48 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from heron.doc.ic.ac.uk (eOVu3ykgsh2kbQBXYFHdQHtrvcDie2gn@heron.doc.ic.ac.uk [146.169.46.3]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id IAA02388 for ; Mon, 15 Jun 1998 08:47:42 -0700 (PDT) (envelope-from njs3@doc.ic.ac.uk) Received: from oak71.doc.ic.ac.uk [146.169.46.71] ([1PO/AUtejhIca7KHn73JgaL0KBOMFq4Y]) by heron.doc.ic.ac.uk with smtp (Exim 1.62 #3) id 0ylbI4-0002Ug-00; Mon, 15 Jun 1998 16:35:24 +0100 Received: from njs3 by oak71.doc.ic.ac.uk with local (Exim 1.62 #3) id 0ylbI3-0004aS-00; Mon, 15 Jun 1998 16:35:23 +0100 From: njs3@doc.ic.ac.uk (Niall Smart) Date: Mon, 15 Jun 1998 16:35:23 +0100 In-Reply-To: Matthew Hunt "Re: bsd securelevel patch question" (Jun 15, 11:14am) X-Mailer: Mail User's Shell (7.2.5 10/14/92) To: Matthew Hunt , Niall Smart , Darren Reed Subject: Re: bsd securelevel patch question Cc: eivind@yes.no, dima@best.net, jayrich@room101.sysc.com, security@FreeBSD.ORG Message-Id: Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Jun 15, 11:14am, Matthew Hunt wrote: } Subject: Re: bsd securelevel patch question > On Mon, Jun 15, 1998 at 12:23:37PM +0100, Niall Smart wrote: > > > > btw, using the immutable flag(s) without setting the securelevel > 0 is > > > fruitless as raw device access remains open... > > > > 1 you mean. Thats greater than 1, i.e., >= 2, not a quote and then 1. > > > > Secure level 0 is insecure mode. > > Yes, so securelevel > 0, or securelevel >= 1. At securelevel 1 disks can be unmounted and their device files accessed. Securelevel 1 is no good. Niall To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message