Date: Fri, 21 May 1999 11:55:10 -0400 (EDT) From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> To: wkt@cs.adfa.edu.au Cc: security@FreeBSD.ORG Subject: Lowering securelevel from console? Message-ID: <199905211555.LAA23107@khavrinen.lcs.mit.edu> In-Reply-To: <199905210635.QAA10497@henry.cs.adfa.edu.au> References: <199905210635.QAA10497@henry.cs.adfa.edu.au>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Fri, 21 May 1999 16:35:11 +1000 (EST), Warren Toomey <wkt@henry.cs.adfa.edu.au> said: > Now, are there any other reasons why lowering securelevel as root from > the console (and no net connectivity) would be a BAD thing? A rogue root process could use the debugger to take control of another process (e.g., getty) and force it to disengage security. -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199905211555.LAA23107>