From owner-freebsd-security Fri May 21 19:18: 1 1999 Delivered-To: freebsd-security@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 71E4314E64 for ; Fri, 21 May 1999 19:17:57 -0700 (PDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id UAA70749; Fri, 21 May 1999 20:16:45 -0600 (MDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id UAA00385; Fri, 21 May 1999 20:16:37 -0600 (MDT) Message-Id: <199905220216.UAA00385@harmony.village.org> To: wkt@cs.adfa.edu.au Subject: Re: Lowering securelevel from console? Cc: security@FreeBSD.ORG In-reply-to: Your message of "Sat, 22 May 1999 11:19:25 +1000." <199905220119.LAA15588@henry.cs.adfa.edu.au> References: <199905220119.LAA15588@henry.cs.adfa.edu.au> Date: Fri, 21 May 1999 20:16:37 -0600 From: Warner Losh Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <199905220119.LAA15588@henry.cs.adfa.edu.au> Warren Toomey writes: : I think I understand the issue: if someone can break in as root, at the : present they cannot lower the securelevel without rebooting the system. That is the design goal. Modulo bugs in device drivers, that is the case. : I'd still like to have the ability to temporarily lower the securelevel : without having to suffer the delay of a reboot. Is this essentially : infeasible, or are there any ways of authenticating the `real' super-user? options DDB in your kernel. However, that assumes that physical posession of the console (or the ability to get to it if it is a serial console) is secure enough. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message