Date: Thu, 21 Dec 2000 06:01:08 -0800
From: Kris Kennaway <kris@FreeBSD.ORG>
To: cjclark@alum.mit.edu
Cc: Kris Kennaway <kris@FreeBSD.ORG>, Alfred Perlstein <bright@wintelcom.net>, Mark Zielinski <markz@2cactus.com>, freebsd-security@FreeBSD.ORG
Subject: Re: Read-Only Filesystems
Message-ID: <20001221060108.B26775@citusc.usc.edu>
In-Reply-To: <20001220231205.W96105@149.211.6.64.reflexcom.com>; from cjclark@reflexnet.net on Wed, Dec 20, 2000 at 11:12:05PM -0800
References: <20001219114936.A23819@rfx-64-6-211-149.users.reflexco> <20001219120953.S19572@fw.wintelcom.net> <20001219211642.D13474@citusc.usc.edu> <3A40BED3.1070909@2cactus.com> <20001220174056.C22288@citusc.usc.edu> <20001220174129.F19572@fw.wintelcom.net> <20001220175931.E22288@citusc.usc.edu> <20001220231205.W96105@149.211.6.64.reflexcom.com>

On Wed, Dec 20, 2000 at 11:12:05PM -0800, Crist J. Clark wrote:
> On Wed, Dec 20, 2000 at 05:59:31PM -0800, Kris Kennaway wrote:
> > On Wed, Dec 20, 2000 at 05:41:29PM -0800, Alfred Perlstein wrote:
>
> [snip]
>
> > > Actually, securelevel as an all-covering blanket would work better
> > > if people implemented fixes for it like a solution for the mount
> > > problem described here.
> >
> > That still doesn't alter the fact that only a single reboot is needed
> > to undo the restrictions.
>
> Could you elaborate on what scenario you are describing? Of course if
> the attacker has physical access, he is a reboot away from getting by
> securelevel. But is there a remote attack involving a reboot which
> negates securelevel besides the obvious case where the rc* files (and
> init, and kernel, and... ) are not sufficiently protected?

Nope, that's the one. Once the attacker breaks root on a high
securelevel machine they can arrange it so that the next time the
system boots it does their dirty work for them prior to raising the
securelevel (e.g. load a KLD which allows them backdoor access around
the securelevel restrictions, so the system appears to be running
normally).

Kris
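
An added example, not part of the original message or of FreeBSD itself: a small sh audit for the case discussed above, listing boot-path files that lack the system-immutable flag (schg) and so remain writable by root at a raised securelevel. It parses FreeBSD `ls -ldo` output; the function names, the file list and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: find boot-path entries that are not flagged schg.
# Input is FreeBSD `ls -ldo` output, where field 5 is the file-flags
# column ("-" when no flags are set, otherwise a comma-separated list).

# unprotected_boot_files: read `ls -ldo` lines on stdin and print the path
# of every entry whose flags column does not include schg.
# Assumption: paths contain no whitespace.
unprotected_boot_files() {
    awk '
        NF >= 6 {
            n = split($5, flags, ",")
            ok = 0
            for (i = 1; i <= n; i++)
                if (flags[i] == "schg") ok = 1
            if (!ok) print $NF
        }'
}

# Constructed sample listing (not taken from a real host): init and the
# kernel are immutable, but the rc files and the module directory are not.
sample_listing() {
    cat <<'EOF'
-r-xr-xr-x  1 root  wheel  schg   453124 Dec 20  2000 /sbin/init
-r-xr-xr-x  1 root  wheel  schg  2211840 Dec 20  2000 /kernel
-rw-r--r--  1 root  wheel  -       12345 Dec 20  2000 /etc/rc
-rw-r--r--  1 root  wheel  uarch    1024 Dec 21  2000 /etc/rc.conf
drwxr-xr-x  2 root  wheel  -        1024 Dec 21  2000 /modules
EOF
}

# Report on the constructed sample. On a live FreeBSD host, pipe a real
# listing instead, for example:
#   ls -ldo /sbin/init /etc/rc* | unprotected_boot_files
echo "Entries modifiable before the securelevel is raised:"
sample_listing | unprotected_boot_files
```

Every path the script prints is something the boot sequence reads or executes before the securelevel goes up, which is the window the reply above describes.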