From owner-freebsd-security  Fri May 21  8:55:22 1999
Delivered-To: freebsd-security@freebsd.org
Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193])
	by hub.freebsd.org (Postfix) with ESMTP id 543A115ABF
	for <security@FreeBSD.ORG>; Fri, 21 May 1999 08:55:17 -0700 (PDT)
	(envelope-from wollman@khavrinen.lcs.mit.edu)
Received: (from wollman@localhost)
	by khavrinen.lcs.mit.edu (8.9.1/8.9.1) id LAA23107;
	Fri, 21 May 1999 11:55:10 -0400 (EDT)
	(envelope-from wollman)
Date: Fri, 21 May 1999 11:55:10 -0400 (EDT)
From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
Message-Id: <199905211555.LAA23107@khavrinen.lcs.mit.edu>
To: wkt@cs.adfa.edu.au
Cc: security@FreeBSD.ORG
Subject: Lowering securelevel from console?
In-Reply-To: <199905210635.QAA10497@henry.cs.adfa.edu.au>
References: <199905210635.QAA10497@henry.cs.adfa.edu.au>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

<<On Fri, 21 May 1999 16:35:11 +1000 (EST), Warren Toomey <wkt@henry.cs.adfa.edu.au> said:

> Now, are there any other reasons why lowering securelevel as root from
> the console (and no net connectivity) would be a BAD thing?

A rogue root process could use the debugger to take control of another
process (e.g., getty) and force it to disengage security.

-GAWollman

--
Garrett A. Wollman   | O Siem / We are all family / O Siem / We're all the same
wollman@lcs.mit.edu  | O Siem / The fires of freedom 
Opinions not those of| Dance in the burning flame
MIT, LCS, CRS, or NSA|                     - Susan Aglukark and Chad Irschick


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message