Date: Sun, 9 Sep 2001 16:31:55 +0200 (CEST) From: Simon Nielsen <simon@nitro.dk> To: Gabriel Ambuehl <gabriel_ambuehl@buz.ch> Cc: <freebsd-security@FreeBSD.ORG> Subject: Re[3]: Kernel-loadable Root Kits Message-ID: <Pine.BSF.4.33.0109091629040.380-100000@bofh.bofh> In-Reply-To: <1521196904667.20010909161124@buz.ch>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 9 Sep 2001, Gabriel Ambuehl wrote: > >> Would you care to point out how I could lower the securelevel then > >> for legitimate use (i.e. updates or changes to /etc) of the system > >> by the administrators? > > Reboot.. and if you set the securelevel automaticly on boot (e.g. > > in rc.conf) you must start in single user mode after the reboot. > Yeah I know that this would be a way to do it but it's rather hard to > do with colocated servers... Thats right, but i'm rather sure rebooting is the only way to lower the securelevel (anyone please correct me if i'm wrong). From init(8) : The kernel runs with four different levels of security. Any super-user process can raise the security level, but no process can lower it. [CUT] Simon To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.33.0109091629040.380-100000>