From owner-freebsd-bugs  Tue Mar 25  5:10:17 2003
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B778B37B401
	for <freebsd-bugs@hub.freebsd.org>; Tue, 25 Mar 2003 05:10:12 -0800 (PST)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D665C43F75
	for <freebsd-bugs@hub.freebsd.org>; Tue, 25 Mar 2003 05:10:11 -0800 (PST)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.12.6/8.12.6) with ESMTP id h2PDABNS093302
	for <freebsd-bugs@freefall.freebsd.org>; Tue, 25 Mar 2003 05:10:11 -0800 (PST)
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.12.6/8.12.6/Submit) id h2PDABUX093301;
	Tue, 25 Mar 2003 05:10:11 -0800 (PST)
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 83FF637B401
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 25 Mar 2003 05:07:22 -0800 (PST)
Received: from zagreb.mioc.hr (zagreb.mioc.hr [193.198.200.3])
	by mx1.FreeBSD.org (Postfix) with ESMTP id BE04243F3F
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 25 Mar 2003 05:07:21 -0800 (PST)
	(envelope-from mkuntic@mioc.hr)
Received: from mkuntic by zagreb.mioc.hr with local (Exim 4.12)
	id 18xo9A-00043G-00
	for FreeBSD-gnats-submit@freebsd.org; Tue, 25 Mar 2003 14:07:20 +0100
Message-Id: <E18xo9A-00043G-00@zagreb.mioc.hr>
Date: Tue, 25 Mar 2003 14:07:20 +0100
From: Marko Kuntic <mkuntic@mioc.hr>
Reply-To: Marko Kuntic <mkuntic@mioc.hr>
To: FreeBSD-gnats-submit@FreeBSD.org
X-Send-Pr-Version: 3.113
Subject: kern/50273: securelevel granularity
X-Spam-Status: No, hits=-0.8 required=5.0
	tests=RESENT_TO
	version=2.50
X-Spam-Level: 
X-Spam-Checker-Version: SpamAssassin 2.50 (1.173-2003-02-20-exp)
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-bugs.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-bugs>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-bugs>
X-Loop: FreeBSD.org


>Number:         50273
>Category:       kern
>Synopsis:       securelevel granularity
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Tue Mar 25 05:10:11 PST 2003
>Closed-Date:
>Last-Modified:
>Originator:     Marko Kuntic
>Release:        FreeBSD 5.0-RELEASE-p6 i386
>Organization:
XV. gimnazija
>Environment:
System: FreeBSD 5.0-RELEASE-p6 i386
>Description:
Securelevels consist of different security measures lumped together. A more
useful approach would be to enable the administrator to set various measures
individually; for example, one may wish not to allow modules to be loaded or
unloaded, but at the same time allow the immutable flag to be unset from
files. The existing mechanism makes such differentiation impossible.
>How-To-Repeat:
>Fix:
Instead of providing securelevels, provide ON/OFF switches for individual
security measures, or, at least, provide these switches within the context of
existing securelevels.
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message