Date: Sat, 9 Sep 2000 02:14:00 +1100 (EST)
From: Bruce Evans
To: Vivek Khera
Cc: freebsd-current@FreeBSD.ORG
Subject: Re: call for testers: init securelevel patch
In-Reply-To: <14776.61431.463710.288320@onceler.kciLink.com>

On Fri, 8 Sep 2000, Vivek Khera wrote:

> >>>>> "BE" == Bruce Evans writes:
>
> BE> revision 1.9
> BE> holes. People maintaining a machine with higher security requirements
> BE> need to be on the console anyway, so there's no point in not forcing
> BE> them to reboot before starting maintenance.
>
> That last sentence makes me think that the person who decided this
> does not use a network to update that machine, ie NFS mounting
> /usr/src. It is a royal PITA to get networking up and going after a
> single-user reboot to get out of secure level.

He would probably say that using nfs is inconsistent with being secure.
If you only use nfs for updating the machine, then the PITA for securing
it then may be larger than the PITA for starting networking.

> Perhaps one of the secure level restrictions should be that you cannot
> attach to pid 1 via the debugger.

This was implemented at about the same time as rev.1.9.

> Does the kernel have an idea of single user mode or is that purely a
> user space thing? Perhaps the kernel could drop the restrictions when
> in single user mode itself.

It's almost pure user space.

Bruce