Date: Fri, 11 May 2007 12:11:36 +0100 From: Thomas Hurst <tom.hurst@clara.net> To: G?t Andr?s <andrej@antiszoc.hu> Cc: noc@intellicom.hu, freebsd-stable@freebsd.org Subject: Re: freebsd and securelevel question Message-ID: <20070511111136.GA38295@voi.aagh.net> In-Reply-To: <54364.195.70.43.76.1178880987.squirrel@duloc.webmedia.hu> References: <54364.195.70.43.76.1178880987.squirrel@duloc.webmedia.hu>
next in thread | previous in thread | raw e-mail | index | archive | help
* G?t Andr?s (andrej@antiszoc.hu) wrote:
> So. The simple question is: Why FreeBSD has securelevel 0 if init sets
> it to 1, if it sees at boot that the level is 0? :)
So when you boot to single user mode you can turn off immutable/append
only flags etc, without letting those capabilities propagate into
multiuser mode?
> We'd like to use our machines with securelevel 0 by default, so I had
> comment out the relevant two lines from init.c.
init(8):
-1 Permanently insecure mode - always run the system in level 0 mode.
This is the default initial value.
--
Thomas 'Freaky' Hurst
http://hur.st/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070511111136.GA38295>