Date: Wed, 14 Aug 1996 16:30:50 -0500 (CDT) From: Joe Greco <jgreco@brasil.moneng.mei.com> To: kpneal@interpath.com (Kevin P. Neal) Cc: jgreco@brasil.moneng.mei.com, ulf@lamb.net, jkh@time.cdrom.com, hackers@freebsd.org Subject: Re: Nightmare. Message-ID: <199608142130.QAA12769@brasil.moneng.mei.com> In-Reply-To: <1.5.4.32.19960814212017.0074c684@interpath.com> from "Kevin P. Neal" at Aug 14, 96 05:20:17 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> >I tend to agree, but wonder if it would not make more sense to tackle this > >from a different angle. > > > >Consider all the programs that could clobber a mounted file system. Would > >it make more sense if we somehow protected a mounted disk device from > >being clobbered? > > Isn't this one of the things that secure_level > 0 protects you from? > > In fact, yes it is. (reference: page 263, 4.4BSD daemon book). > > >OTOH, this is a can of worms, no matter how you do it. Maybe I don't need to point this out, but... The thread started with some beginners who made a sad mistake. It seems to me that in order to set securelevel > 0, you need to know what you are doing. How do you protect the newbies who are not used to UNIX/FreeBSD and who therefore would not have any idea to set securelevel > 0.. We don't default to a securelevel > 0. ... JG
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199608142130.QAA12769>