From owner-freebsd-security  Fri Jun 18 22:56:32 1999
Delivered-To: freebsd-security@freebsd.org
Received: from srh0710.urh.uiuc.edu (srh0710.urh.uiuc.edu [130.126.76.32])
	by hub.freebsd.org (Postfix) with SMTP id BC5EB14C32
	for <freebsd-security@freebsd.org>; Fri, 18 Jun 1999 22:56:22 -0700 (PDT)
	(envelope-from ftobin@bigfoot.com)
Received: (qmail 60229 invoked by uid 1000); 19 Jun 1999 05:56:19 -0000
Received: from localhost (sendmail-bs@127.0.0.1)
  by localhost with SMTP; 19 Jun 1999 05:56:19 -0000
Date: Sat, 19 Jun 1999 00:56:19 -0500 (CDT)
From: Frank Tobin <ftobin@bigfoot.com>
X-Sender: ftobin@srh0710.urh.uiuc.edu
To: FreeBSD-security Mailing List <freebsd-security@freebsd.org>
Subject: proposed secure-level 4 patch
Message-ID: <Pine.BSF.4.10.9906190053050.60212-200000@srh0710.urh.uiuc.edu>
MIME-Version: 1.0
Content-Type: MULTIPART/MIXED; BOUNDARY="0-1016683127-929771779=:60212"
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.
  Send mail to mime@docserver.cac.washington.edu for more info.

--0-1016683127-929771779=:60212
Content-Type: TEXT/PLAIN; charset=US-ASCII

Okay, a good friend of mine Kris Wehner has written a patch to implement
the proposed securelevel of 4, which would disallow the opening of
secure ports (<1024) while in the securelevel of 4.  The patch is against
3.2-STABLE kernel, as of within 12 hours.  I'd like to hear more comments
before I send it as a send-pr.  The patch is attached.

-- 
Frank Tobin			"To learn what is good and what is to be
http://www.bigfoot.com/~ftobin	 valued, those truths which cannot be
				 shaken or changed." Myst: The Book of Atrus
FreeBSD: The Power To Serve

PGPenvelope = GPG and PGP5 + Pine             PGP:  4F86 3BBB A816 6F0A 340F
http://www.bigfoot.com/~ftobin/resources.html       6003 56FF D10A 260C 4FA3

--0-1016683127-929771779=:60212
Content-Type: TEXT/PLAIN; charset=US-ASCII; name="tcp_patch.diff"
Content-Transfer-Encoding: BASE64
Content-ID: <Pine.BSF.4.10.9906190056190.60212@srh0710.urh.uiuc.edu>
Content-Description: 
Content-Disposition: attachment; filename="tcp_patch.diff"

KioqIHRjcF91c3JyZXEuYy5vcmlnCUZyaSBKdW4gMTggMTk6MTI6MTggMTk5
OQ0KLS0tIHRjcF91c3JyZXEuYwlGcmkgSnVuIDE4IDE5OjE1OjQ5IDE5OTkN
CioqKioqKioqKioqKioqKg0KKioqIDE4NSwxOTAgKioqKg0KLS0tIDE4NSwx
OTggLS0tLQ0KICAJCWVycm9yID0gRUFGTk9TVVBQT1JUOw0KICAJCWdvdG8g
b3V0Ow0KICAJfQ0KKyAJLyogDQorIAkgKiBEaXNhbGxvdyBiaW5kIGlmIHdl
IGFyZSBpbiBzdXBlciBzZWN1cmUgbW9kZSBhbmQgcG9ydCA8PSAxMDI0DQor
IAkgKi8NCisgCWlmIChzaW5wLT5zaW5fZmFtaWx5ID09IEFGX0lORVQgJiYg
c2lucC0+c2luX3BvcnQgPD0gMTAyNCAmJg0KKyAJICAgIHNlY3VyZWxldmVs
ID49IDQpIHsNCisgCSAgZXJyb3IgPSBFQUNDRVM7DQorIAkgIGdvdG8gb3V0
Ow0KKyAJfQ0KICAJZXJyb3IgPSBpbl9wY2JiaW5kKGlucCwgbmFtLCBwKTsN
CiAgCWlmIChlcnJvcikNCiAgCQlnb3RvIG91dDsNCg==
--0-1016683127-929771779=:60212--


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message