From owner-freebsd-current Mon Oct 7 03:12:26 1996 Return-Path: owner-current Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id DAA01268 for current-outgoing; Mon, 7 Oct 1996 03:12:26 -0700 (PDT) Received: from time.cdrom.com (time.cdrom.com [204.216.27.226]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id DAA01241 for ; Mon, 7 Oct 1996 03:12:18 -0700 (PDT) Received: from time.cdrom.com (localhost [127.0.0.1]) by time.cdrom.com (8.7.6/8.6.9) with ESMTP id DAA05488; Mon, 7 Oct 1996 03:10:29 -0700 (PDT) To: Michael Hancock cc: Bruce Evans , current@freebsd.org Subject: Re: secure level diffs to kern_mib.c, LINT In-reply-to: Your message of "Mon, 07 Oct 1996 18:49:17 +0900." Date: Mon, 07 Oct 1996 03:10:27 -0700 Message-ID: <5486.844683027@time.cdrom.com> From: "Jordan K. Hubbard" Sender: owner-current@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > On Sun, 6 Oct 1996, Bruce Evans wrote: > > > Actually, securelevel 1 is normally so insecure that it shouldn't be used. > > It essentially only provides write protection of /dev/mem and /dev/kmem. > > Isn't write protection of /dev/mem /dev/kmem a good enough reason for use? Not generally - think about having to install kernels or do make worlds single-user. I don't know of *anyone* who does make worlds while single-user, it simply takes the machine down for too long when it could still be doing useful work during the build - I usually have a make world running on my box *two or three times a day* and I don't even notice it while I do my other work. I don't see what the big deal about adding a sysctl line to /etc/rc is here, I really don't. > So facilitate improvements, don't hinder it. Sometimes "giving in to gratuitous nit-picking" is also confused with "facilitating improvements." :-) Jordan