Date: Sat, 9 Sep 2000 02:14:00 +1100 (EST)
From: Bruce Evans <bde@zeta.org.au>
To: Vivek Khera <khera@kciLink.com>
Cc: freebsd-current@FreeBSD.ORG
Subject: Re: call for testers: init securelevel patch
Message-ID: <Pine.BSF.4.21.0009090207570.31591-100000@besplex.bde.org>
In-Reply-To: <14776.61431.463710.288320@onceler.kciLink.com>

On Fri, 8 Sep 2000, Vivek Khera wrote:

> >>>>> "BE" == Bruce Evans <bde@zeta.org.au> writes:
>
> BE> revision 1.9
> BE> holes. People maintaining a machine with higher security requirements
> BE> need to be on the console anyway, so there's no point in not forcing
> BE> them to reboot before starting maintenance.
>
> That last sentence makes me think that the person who decided this
> does not use a network to update that machine, ie NFS mounting
> /usr/src. It is a royal PITA to get networking up and going after a
> single-user reboot to get out of secure level.

He would probably say that using nfs is inconsistent with being secure.
If you only use nfs for updating the machine, then the PITA for securing
it then may be larger than the PITA for starting networking.

> Perhaps one of the secure level restrictions should be that you cannot
> attach to pid 1 via the debugger.

This was implemented at about the same time as rev.1.9.

> Does the kernel have an idea of single user mode or is that purely a
> user space thing? Perhaps the kernel could drop the restrictions when
> in single user mode itself.

It's almost pure user space.

Bruce

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message