From owner-freebsd-security  Fri Jun 18 23:19:12 1999
Delivered-To: freebsd-security@freebsd.org
Received: from cheops.anu.edu.au (cheops.anu.edu.au [150.203.76.24])
	by hub.freebsd.org (Postfix) with ESMTP id EF09F14CA9
	for <freebsd-security@FreeBSD.ORG>; Fri, 18 Jun 1999 23:19:03 -0700 (PDT)
	(envelope-from avalon@cheops.anu.edu.au)
Received: (from avalon@localhost)
	by cheops.anu.edu.au (8.9.1/8.9.1) id QAA28681;
	Sat, 19 Jun 1999 16:19:01 +1000 (EST)
From: Darren Reed <avalon@coombs.anu.edu.au>
Message-Id: <199906190619.QAA28681@cheops.anu.edu.au>
Subject: Re: proposed secure-level 4 patch
To: brian@CSUA.Berkeley.EDU (Brian W. Buchanan)
Date: Sat, 19 Jun 1999 16:19:00 +1000 (EST)
Cc: ftobin@bigfoot.com, freebsd-security@FreeBSD.ORG
In-Reply-To: <Pine.BSF.4.05.9906182304420.70357-100000@smarter.than.nu> from "Brian W. Buchanan" at Jun 18, 99 11:05:46 pm
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In some mail from Brian W. Buchanan, sie said:
> 
> On Sat, 19 Jun 1999, Frank Tobin wrote:
> 
> > Okay, a good friend of mine Kris Wehner has written a patch to implement
> > the proposed securelevel of 4, which would disallow the opening of
> > secure ports (<1024) while in the securelevel of 4.  The patch is against
> > 3.2-STABLE kernel, as of within 12 hours.  I'd like to hear more comments
> > before I send it as a send-pr.  The patch is attached.
> 
> Kris's patch blocks binding ports <= 1024, but 1024 is not a secure port.
> The last one is 1023.

Sigh, this appears to be a mis-use of "securelevel".  As securelevel
increases, the system is supposed to be more secure - i.e. more functions
are unavailable, even to root.

Using a securelevel of -2 for this is `better', but it means your kernel
must boot up with a securelevel of -1 (or less), init scripts change it
to be >= 0 so that init raises it to (at least) 1 once they're all finished.

Really, using this patch without a securelevel > 0 at run-time indicates
someone who's really not all that interested in security.

Sounds like a sysctl is the knob you're looking for to enable and disable
this feature.



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message