From owner-freebsd-security Mon Jun 15 14:16:26 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA29614 for freebsd-security-outgoing; Mon, 15 Jun 1998 14:16:26 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from nexus.astro.psu.edu (nexus.astro.psu.edu [128.118.147.20]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id OAA29569 for ; Mon, 15 Jun 1998 14:16:13 -0700 (PDT) (envelope-from mph@astro.psu.edu) Received: from mstar.astro.psu.edu by nexus.astro.psu.edu (4.1/Nexus-1.3) id AA07724; Mon, 15 Jun 98 17:15:56 EDT Received: by mstar.astro.psu.edu (SMI-8.6/Client-1.3) id RAA03904; Mon, 15 Jun 1998 17:15:52 -0400 Message-Id: <19980615171548.A3879@mstar.astro.psu.edu> Date: Mon, 15 Jun 1998 17:15:48 -0400 From: Matthew Hunt To: Niall Smart , Darren Reed Cc: eivind@yes.no, dima@best.net, jayrich@room101.sysc.com, security@FreeBSD.ORG Subject: Re: bsd securelevel patch question References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.91.1i In-Reply-To: ; from Niall Smart on Mon, Jun 15, 1998 at 04:35:23PM +0100 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, Jun 15, 1998 at 04:35:23PM +0100, Niall Smart wrote: > > > > 1 you mean. > > Thats greater than 1, i.e., >= 2, not a quote and then 1. Yep, my mental block was elsewhere. :-) > At securelevel 1 disks can be unmounted and their device files accessed. > Securelevel 1 is no good. You are right; I thought the question was when the schg flags became "permanent". I forgot that the device files could circumvent that. Regards, Matt -- Matthew Hunt * Stay close to the Vorlon. http://www.pobox.com/~mph/pgp.key for PGP public key 0x67203349. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message