Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 9 Sep 2010 09:41:07 -0700
From:      Jack Vogel <jfvogel@gmail.com>
To:        Kurt Jaeger <pi@opsec.eu>
Cc:        Gareth de Vaux <bsd@lordcow.org>, stable@freebsd.org
Subject:   Re: MSIX failure
Message-ID:  <AANLkTi=XqVaAWxuZJ39mK4hYpg6%2Bm04tzN9jsJ7scTD-@mail.gmail.com>
In-Reply-To: <20100909143357.GG34314@home.opsec.eu>
References:  <AANLkTikdGGgpGhy4MJF_K-ttLvjQOBj%2BAb5r-a2uhJ_Y@mail.gmail.com> <20100908094050.GA73841@lordcow.org> <AANLkTikvd09fw3fUhxsXDhMoWE-kvMoPjXPSTfzYY73T@mail.gmail.com> <20100909125400.GA18723@lordcow.org> <20100909131340.GA75829@icarus.home.lan> <20100909132519.GB21535@lordcow.org> <20100909140224.GA76889@icarus.home.lan> <20100909142226.GA25370@lordcow.org> <20100909142455.GA77677@icarus.home.lan> <20100909142928.GA25877@lordcow.org> <20100909143357.GG34314@home.opsec.eu>

next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Sep 9, 2010 at 7:33 AM, Kurt Jaeger <pi@opsec.eu> wrote:

> Hi!
>
> > > Is this within a jail or something else along those lines?  I can't
> > > reproduce the problem otherwise.  Frustrating!  Someone else on the
> list
> > > might have ideas as to what could cause this.
> >
> > Nope, this's a normal host. I've got securelevel on 1, but doubt that
> > would affect this?
>
> I assume it affects it.
>
> http://www.freebsd.org/doc/en/books/faq/security.html#SECURELEVEL
>
> Basically, when the securelevel is positive, the kernel restricts
> certain tasks; not even the superuser (i.e., root) is allowed to
> do them.
>
> There:
>
> # Write to kernel memory via /dev/mem and /dev/kmem.
>
> So I assume it also restricts reading /dev/kmem ?
>
>
OH YUCK, another root isn't really root, so is it also possibly
the reason for the MSIX failure?? Is this pile, er feature, on by default?

Jack



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTi=XqVaAWxuZJ39mK4hYpg6%2Bm04tzN9jsJ7scTD->