Date: Fri, 8 Sep 2000 09:56:07 -0400 (EDT)
From: Vivek Khera <khera@kciLink.com>
To: freebsd-current@FreeBSD.ORG
Subject: Re: call for testers: init securelevel patch
Message-ID: <14776.61431.463710.288320@onceler.kciLink.com>
In-Reply-To: <Pine.BSF.4.21.0009080855361.30227-100000@besplex.bde.org>
References: <20000907152923.A57609@murkwood.znh.org> <Pine.BSF.4.21.0009080855361.30227-100000@besplex.bde.org>

>>>>> "BE" == Bruce Evans <bde@zeta.org.au> writes:

BE> revision 1.9
BE> date: 1997/06/25 07:31:47;  author: joerg;  state: Exp;  lines: +2 -2
BE> Don't ever allow lowering the securelevel at all.  Allowing it does
BE> nothing good except of opening a can of (potential or real) security
BE> holes.  People maintaining a machine with higher security requirements
BE> need to be on the console anyway, so there's no point in not forcing
BE> them to reboot before starting maintenance.

That last sentence makes me think that the person who decided this
does not use a network to update that machine, ie NFS mounting
/usr/src.  It is a royal PITA to get networking up and going after a
single-user reboot to get out of secure level.

Perhaps one of the secure level restrictions should be that you cannot
attach to pid 1 via the debugger.

Does the kernel have an idea of single user mode or is that purely a
user space thing?  Perhaps the kernel could drop the restrictions when
in single user mode itself.

--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vivek Khera, Ph.D.                Khera Communications, Inc.
Internet: khera@kciLink.com       Rockville, MD       +1-301-545-6996
GPG & MIME spoken here            http://www.khera.org/~vivek/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message